From caaf8f81fafbcaf6798f6a0a01404004699a25b3 Mon Sep 17 00:00:00 2001 From: Ingo Schwarze Date: Mon, 2 Feb 2015 04:04:45 +0000 Subject: When a full block macro gets closed out by a mismatching block closure macro it calls, do not attempt to open its body. This can for example happen for (nonsensical) constructions like .Fo .Nm Fc in the SYNOPSIS. Fixing an assertion failure jsg@ found with afl some time ago (test case number 731). --- mdoc_macro.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) (limited to 'mdoc_macro.c') diff --git a/mdoc_macro.c b/mdoc_macro.c index 21e01587..f46feeb0 100644 --- a/mdoc_macro.c +++ b/mdoc_macro.c @@ -1,4 +1,4 @@ -/* $Id: mdoc_macro.c,v 1.164 2015/02/01 23:56:37 schwarze Exp $ */ +/* $Id: mdoc_macro.c,v 1.165 2015/02/02 04:04:45 schwarze Exp $ */ /* * Copyright (c) 2008-2012 Kristaps Dzonsons * Copyright (c) 2010, 2012-2015 Ingo Schwarze @@ -1077,8 +1077,9 @@ blk_full(MACRO_PROT_ARGS) { int la, nl, parsed; struct mdoc_arg *arg; - struct mdoc_node *head; /* save of head macro */ - struct mdoc_node *body; /* save of body macro */ + struct mdoc_node *blk; /* Our own block. */ + struct mdoc_node *head; /* Our own head. */ + struct mdoc_node *body; /* Our own body. */ struct mdoc_node *n; enum margserr ac, lac; char *p; @@ -1118,7 +1119,7 @@ blk_full(MACRO_PROT_ARGS) */ mdoc_argv(mdoc, line, tok, &arg, pos, buf); - mdoc_block_alloc(mdoc, line, ppos, tok, arg); + blk = mdoc_block_alloc(mdoc, line, ppos, tok, arg); head = body = NULL; /* @@ -1218,6 +1219,8 @@ blk_full(MACRO_PROT_ARGS) break; } + if (blk->flags & MDOC_VALID) + return; if (head == NULL) head = mdoc_head_alloc(mdoc, line, ppos, tok); if (nl) -- cgit v1.2.3