[PATCH] awk: fix use after free (CVE-2023-42363)
Natanael Copa
ncopa at alpinelinux.org
Tue May 21 11:57:04 UTC 2024
On Tue, 21 May 2024 08:46:46 +0200
Natanael Copa <ncopa at alpinelinux.org> wrote:
> > Current git master awk is also broken.
>
> A reproducer:
>
> busybox awk 'BEGIN { a = 0 ? "yes": "no"; print a}'
>
> Prints 0 instead of "no".
>
> Looks like awk treats it as: (a = 0) ? "yes": "no"
I think commit 0256e00a9d07 (awk: fix precedence of = relative to ==)
may be wrong? At least it is different from other awk implementations:
ncopa-desktop:~/src/busybox/build (master)$ ./busybox awk 'BEGIN { print v=3==3; print v}'
1
3
ncopa-desktop:~/src/busybox/build (master)$ gawk 'BEGIN { print v=3==3; print v}'
1
1
ncopa-desktop:~/src/busybox/build (master)$ mawk 'BEGIN { print v=3==3; print v}'
1
1
ncopa-desktop:~/src/busybox/build (master)$ nawk 'BEGIN { print v=3==3; print v}'
nawk: syntax error at source line 1
context is
BEGIN { print >>> v=3== <<<
nawk: illegal statement at source line 1
nawk: illegal statement at source line 1
ncopa-desktop:~/src/busybox/build (master)$ nawk 'BEGIN { print (v=3==3); print v}'
1
1
ncopa-desktop:~/src/busybox/build (master)$ ./busybox awk 'BEGIN { print (v=3==3); print v}'
1
3
And on FreeBSD:
ncopa at fbsd13:~ $ awk 'BEGIN { print v=3==3; print v}'
awk: syntax error at source line 1
context is
BEGIN { print >>> v=3== <<<
awk: illegal statement at source line 1
The awk.tests claims:
> "awk = has higher precedence than == (despite what gawk manpage claims)"
Denys, from where did you get that "= has higher precedence than =="? I
haven't found any other awk implementation where this is true.
-nc
More information about the busybox
mailing list