From af86132e1afa65b4b466af3ea9c7084836c91ee0 Mon Sep 17 00:00:00 2001 From: Tuomas Tynkkynen Date: Tue, 3 Apr 2018 15:27:17 +0300 Subject: [PATCH] libexpr: Make unsafeGetAttrPos not crash on noPos Currently e.g. `builtins.unsafeGetAttrPos "abort" builtins` will eventually segfault because pos->file is an unset Symbol. Found by afl-fuzz. --- src/libexpr/eval.cc | 2 +- tests/lang/eval-okay-getattrpos-undefined.exp | 1 + tests/lang/eval-okay-getattrpos-undefined.nix | 1 + 3 files changed, 3 insertions(+), 1 deletion(-) create mode 100644 tests/lang/eval-okay-getattrpos-undefined.exp create mode 100644 tests/lang/eval-okay-getattrpos-undefined.nix diff --git a/src/libexpr/eval.cc b/src/libexpr/eval.cc index 37b977736..854899079 100644 --- a/src/libexpr/eval.cc +++ b/src/libexpr/eval.cc @@ -628,7 +628,7 @@ void EvalState::mkThunk_(Value & v, Expr * expr) void EvalState::mkPos(Value & v, Pos * pos) { - if (pos) { + if (pos && pos->file.set()) { mkAttrs(v, 3); mkString(*allocAttr(v, sFile), pos->file); mkInt(*allocAttr(v, sLine), pos->line); diff --git a/tests/lang/eval-okay-getattrpos-undefined.exp b/tests/lang/eval-okay-getattrpos-undefined.exp new file mode 100644 index 000000000..19765bd50 --- /dev/null +++ b/tests/lang/eval-okay-getattrpos-undefined.exp @@ -0,0 +1 @@ +null diff --git a/tests/lang/eval-okay-getattrpos-undefined.nix b/tests/lang/eval-okay-getattrpos-undefined.nix new file mode 100644 index 000000000..14dd38f77 --- /dev/null +++ b/tests/lang/eval-okay-getattrpos-undefined.nix @@ -0,0 +1 @@ +builtins.unsafeGetAttrPos "abort" builtins