From 52a3a69b975dd05a56837b3fc9f93cc8681d3282 Mon Sep 17 00:00:00 2001
From: Ingo Schwarze <schwarze@openbsd.org>
Date: Mon, 15 Dec 2014 23:43:26 +0000
Subject: Empty conditions count as false. When negated, they still count as
 false. Found when investigating crashes jsg@ found with afl. Not completely
 fixing the crashes yet.

---
 roff.c | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'roff.c')

diff --git a/roff.c b/roff.c
index 08a4f922..32cc6c31 100644
--- a/roff.c
+++ b/roff.c
@@ -1258,6 +1258,8 @@ roff_evalcond(struct roff *r, int ln, const char *v, int *pos)
 		wanttrue = 1;
 
 	switch (v[*pos]) {
+	case '\0':
+		return(0);
 	case 'n':
 		/* FALLTHROUGH */
 	case 'o':
-- 
cgit