[PATCH] awk: fix use after free (CVE-2023-42363)

Natanael Copa ncopa at alpinelinux.org
Tue May 21 11:57:04 UTC 2024


On Tue, 21 May 2024 08:46:46 +0200
Natanael Copa <ncopa at alpinelinux.org> wrote:

> > Current git master awk is also broken.  
> 
> A reproducer:
> 
> busybox awk 'BEGIN { a = 0 ? "yes": "no"; print a}'
> 
> Prints 0 instead of "no".
> 
> Looks like awk treats it as: (a = 0) ? "yes": "no"


I think commit 0256e00a9d07 (awk: fix precedence of = relative to ==)
may be wrong? At least it is different from other awk implementations:

ncopa-desktop:~/src/busybox/build (master)$ ./busybox awk 'BEGIN { print v=3==3; print v}'
1
3
ncopa-desktop:~/src/busybox/build (master)$ gawk 'BEGIN { print v=3==3; print v}'
1
1
ncopa-desktop:~/src/busybox/build (master)$ mawk 'BEGIN { print v=3==3; print v}'
1
1
ncopa-desktop:~/src/busybox/build (master)$ nawk 'BEGIN { print v=3==3; print v}'
nawk: syntax error at source line 1
 context is
	BEGIN { print >>>  v=3== <<< 
nawk: illegal statement at source line 1
nawk: illegal statement at source line 1
ncopa-desktop:~/src/busybox/build (master)$ nawk 'BEGIN { print (v=3==3); print v}'
1
1
ncopa-desktop:~/src/busybox/build (master)$ ./busybox awk 'BEGIN { print (v=3==3); print v}'
1
3

And on FreeBSD:

ncopa at fbsd13:~ $ awk 'BEGIN { print v=3==3; print v}'
awk: syntax error at source line 1
 context is
	BEGIN { print >>>  v=3== <<< 
awk: illegal statement at source line 1


The awk.tests claims:
> "awk = has higher precedence than == (despite what gawk manpage claims)"

Denys, from where did you get that "= has higher precedence than =="? I
haven't found any other awk implementation where this is true. 

-nc


More information about the busybox mailing list