From be897936699d18db786670ea05d4a0660e9350ee Mon Sep 17 00:00:00 2001 From: Johannes Altmanninger Date: Sat, 4 Mar 2023 01:20:27 +0100 Subject: [PATCH] Fix buffer overflow accessing error source in ParseError::describe() For some reason this error is triggered by tests after the Rust port of ast.cpp. Might want to get to the bottom of this but moving it back to match the original C++ logic fixes it. --- fish-rust/src/parse_constants.rs | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/fish-rust/src/parse_constants.rs b/fish-rust/src/parse_constants.rs index 62d50199e..ff3b7bbc8 100644 --- a/fish-rust/src/parse_constants.rs +++ b/fish-rust/src/parse_constants.rs @@ -392,18 +392,21 @@ pub fn describe_with_prefix( skip_caret: bool, ) -> WString { let mut result = prefix.to_owned(); - let context = wstr::from_char_slice( - &src.as_char_slice()[self.source_start..self.source_start + self.source_length], - ); // Some errors don't have their message passed in, so we construct them here. // This affects e.g. `eval "a=(foo)"` match self.code { ParseErrorCode::andor_in_pipeline => { + let context = wstr::from_char_slice( + &src.as_char_slice()[self.source_start..self.source_start + self.source_length], + ); result += wstr::from_char_slice( wgettext_fmt!(INVALID_PIPELINE_CMD_ERR_MSG, context).as_char_slice(), ); } ParseErrorCode::bare_variable_assignment => { + let context = wstr::from_char_slice( + &src.as_char_slice()[self.source_start..self.source_start + self.source_length], + ); let assignment_src = context; #[allow(clippy::explicit_auto_deref)] let equals_pos = variable_assignment_equals_pos(assignment_src).unwrap();