MtnViewJohn/context-free

Null pointer dereference while printing syntax error

Closed this issue · 1 comments

This input causes a crash while printing a syntax error due to the
filename being a null pointer:

startshape S
shape S
rule { U [] }
path U { path FILL [] }

Valgrind report:

==1347== Memcheck, a memory error detector
==1347== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==1347== Using Valgrind-3.14.0.GIT and LibVEX; rerun with -h for copyright info
==1347== Command: cfdg-github 3
==1347== 
==1347== Invalid read of size 8
==1347==    at 0x4B7B3D4: std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::c_str() const (basic_string.h:2282)
==1347==    by 0x184CFB: CommandLineSystem::syntaxError(CfdgError const&) (commandLineSystem.cpp:91)
==1347==    by 0x15D880: RendererImpl::run(Canvas*, bool) (renderimpl.cpp:316)
==1347==    by 0x21D27C: main (main.cpp:510)
==1347==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
==1347== 
==1347== 
==1347== Process terminating with default action of signal 11 (SIGSEGV)
==1347==  Access not within mapped region at address 0x0
==1347==    at 0x4B7B3D4: std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::c_str() const (basic_string.h:2282)
==1347==    by 0x184CFB: CommandLineSystem::syntaxError(CfdgError const&) (commandLineSystem.cpp:91)
==1347==    by 0x15D880: RendererImpl::run(Canvas*, bool) (renderimpl.cpp:316)
==1347==    by 0x21D27C: main (main.cpp:510)
==1347==  If you believe this happened as a result of a stack
==1347==  overflow in your program's main thread (unlikely but
==1347==  possible), you can try to increase the size of the
==1347==  main thread stack using the --main-stacksize= flag.
==1347==  The main thread stack size used in this run was 8388608.
==1347== 
==1347== HEAP SUMMARY:
==1347==     in use at exit: 359,962 bytes in 338 blocks
==1347==   total heap usage: 734 allocs, 396 frees, 544,465 bytes allocated
==1347== 
==1347== LEAK SUMMARY:
==1347==    definitely lost: 216 bytes in 1 blocks
==1347==    indirectly lost: 0 bytes in 0 blocks
==1347==      possibly lost: 176 bytes in 1 blocks
==1347==    still reachable: 359,570 bytes in 336 blocks
==1347==         suppressed: 0 bytes in 0 blocks
==1347== Rerun with --leak-check=full to see details of leaked memory
==1347== 
==1347== For counts of detected and suppressed errors, rerun with: -v
==1347== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)

Fixed in version 3.1
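
An added example, not code from the context-free project: the trace above shows `c_str()` being called on a `std::string` at address 0x0 inside the error printer. The block puts that unchecked dereference beside a checked formatter that still reports the error when no file name is attached; `SourcePos`, `ParseError`, `formatUnchecked` and `formatChecked` are hypothetical names, and the file name and message are constructed sample values.

```cpp
#include <iostream>
#include <sstream>
#include <string>

// Hypothetical stand-ins (assumed names, not context-free's real types):
// a parse error whose location holds an optional pointer to the file name.
struct SourcePos {
    const std::string* filename = nullptr;  // null when no file is attached
    unsigned line = 0;
    unsigned column = 0;
};

struct ParseError {
    std::string message;
    SourcePos where;
};

// Unchecked form: the pattern the Valgrind trace points at. Calling
// c_str() through a null std::string* reads from address 0 and crashes.
std::string formatUnchecked(const ParseError& err)
{
    std::ostringstream out;
    out << "Error in file " << err.where.filename->c_str()
        << " at line " << err.where.line << ": " << err.message;
    return out.str();
}

// Checked form: tests the pointer first and still reports the error.
std::string formatChecked(const ParseError& err)
{
    std::ostringstream out;
    out << "Error";
    if (err.where.filename != nullptr && !err.where.filename->empty())
        out << " in file " << *err.where.filename;
    if (err.where.line != 0)
        out << " at line " << err.where.line << ", column " << err.where.column;
    out << ": " << err.message;
    return out.str();
}

int main()
{
    const std::string name = "input.cfdg";           // constructed sample
    ParseError withFile{"unexpected token", {&name, 4, 10}};
    ParseError noFile{"unexpected token", {}};       // filename stays null
    std::cout << formatUnchecked(withFile) << '\n';  // safe: pointer is set
    std::cout << formatChecked(withFile) << '\n';
    std::cout << formatChecked(noFile) << '\n';      // no dereference
}
```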