Segfault in Parser::parseCommand due to improper input validation
Summary:
bibish does not check to see if any arguments were passed to a command given to it before it attempts to parse what those arguments are. This results in invalid accesses and can result in a segfault.
Steps to reproduce:
- Compile bibish from git master.
- Run it on a machine with no modules installed.
- Run `?`.
- Run `list`.
Expected result: You should be informed that no modules are installed.
Actual result: Segmentation fault.
Additional info:
gdb points to the segfault occurring in `src/parser.cpp:97`, where bibish compares the first argument passed to `list` to see if it is the string `bibles`. However, as no arguments were passed to `list`, `argumentPart` is an empty `std::list` and `argumentPart.front()` appears to return an invalid value. When `list` is run as the first command to bibish, whatever that invalid value is doesn't seem to cause much trouble, but if you run `?` first, something in memory changes and bibish crashes when attempting to do the comparison.
Looking at `parser.cpp`, it looks like none of the commands check their argument count before attempting to parse them. This does indeed cause more issues - I can cause a similar but not identical crash running `select` (with no arguments) immediately after running `?`.
I haven't looked closely enough at the rest of the code to know how exactly to guard against this, but I intend to.
Nice app by the way, I'm liking it so far :)
Found a couple extra segfault spots in interface.cpp (in the `devo` and `gloss` commands). I got those fixed too. PR incoming.
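The missing argument check described in the report, sketched as an added example; this is not bibish's code and not part of the original thread. The helper `firstArgument`, the handlers `handleList` and `handleSelect`, and their result strings are hypothetical names and values constructed for illustration.

```cpp
#include <iostream>
#include <list>
#include <string>

// Hypothetical helper: return a pointer to the first argument, or nullptr
// when the list is empty. Calling front() on an empty std::list is undefined
// behaviour, so the outcome can depend on earlier heap activity, which fits
// the report that the crash only appears after another command has run.
const std::string* firstArgument(const std::list<std::string>& args) {
    if (args.empty()) {
        return nullptr;
    }
    return &args.front();
}

// Hypothetical handler for a command whose argument is optional ("list").
std::string handleList(const std::list<std::string>& argumentPart) {
    const std::string* first = firstArgument(argumentPart);
    if (first == nullptr) {
        return "list: no type filter";      // safe default, nothing is read
    }
    if (*first == "bibles") {
        return "list: bibles";
    }
    return "list: unknown type '" + *first + "'";
}

// Hypothetical handler for a command that requires an argument ("select"):
// report the usage error instead of reading a missing element.
std::string handleSelect(const std::list<std::string>& argumentPart) {
    const std::string* first = firstArgument(argumentPart);
    if (first == nullptr) {
        return "select: missing argument";
    }
    return "select: " + *first;
}

int main() {
    // Constructed inputs: the empty argument lists that triggered the crashes.
    const std::list<std::string> none;
    const std::list<std::string> bibles{"bibles"};
    std::cout << handleList(none) << '\n'
              << handleList(bibles) << '\n'
              << handleSelect(none) << '\n';
    return 0;
}
```

Routing every command through one helper that checks `empty()` first keeps the guard in a single place, so a handler cannot dereference a missing argument by omission.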