From 2a8721309f4f7dbbb5908c122a134490432f4431 Mon Sep 17 00:00:00 2001 From: Ingo Schwarze Date: Mon, 2 Feb 2015 04:04:45 +0000 Subject: When a full block macro gets closed out by a mismatching block closure macro it calls, do not attempt to open its body. This can for example happen for (nonsensical) constructions like .Fo .Nm Fc in the SYNOPSIS. Fixing an assertion failure jsg@ found with afl some time ago (test case number 731). --- mdoc_macro.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'mdoc_macro.c') diff --git a/mdoc_macro.c b/mdoc_macro.c index 8624ea98..8b3ea05b 100644 --- a/mdoc_macro.c +++ b/mdoc_macro.c @@ -1077,8 +1077,9 @@ blk_full(MACRO_PROT_ARGS) { int la, nl, parsed; struct mdoc_arg *arg; - struct mdoc_node *head; /* save of head macro */ - struct mdoc_node *body; /* save of body macro */ + struct mdoc_node *blk; /* Our own block. */ + struct mdoc_node *head; /* Our own head. */ + struct mdoc_node *body; /* Our own body. */ struct mdoc_node *n; enum margserr ac, lac; char *p; @@ -1118,7 +1119,7 @@ blk_full(MACRO_PROT_ARGS) */ mdoc_argv(mdoc, line, tok, &arg, pos, buf); - mdoc_block_alloc(mdoc, line, ppos, tok, arg); + blk = mdoc_block_alloc(mdoc, line, ppos, tok, arg); head = body = NULL; /* @@ -1218,6 +1219,8 @@ blk_full(MACRO_PROT_ARGS) break; } + if (blk->flags & MDOC_VALID) + return; if (head == NULL) head = mdoc_head_alloc(mdoc, line, ppos, tok); if (nl) -- cgit