From 905be966d351a2409f65ae30c5c9aa5e10b69398 Mon Sep 17 00:00:00 2001
From: Ingo Schwarze
Date: Thu, 8 Jun 2017 19:35:51 +0000
Subject: Properly reinitialize roffce_node between parses, or this may crash with use-after-free in makewhatis(8); reported by jmc@, thanks!
---
 roff.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
(limited to 'roff.c')
diff --git a/roff.c b/roff.c
index 6880719b..49c49078 100644
--- a/roff.c
+++ b/roff.c
@@ -1,4 +1,4 @@
-/* $Id: roff.c,v 1.306 2017/06/07 00:50:34 schwarze Exp $ */
+/* $Id: roff.c,v 1.307 2017/06/08 19:35:51 schwarze Exp $ */
 /*
 * Copyright (c) 2008-2012, 2014 Kristaps Dzonsons
 * Copyright (c) 2010-2015, 2017 Ingo Schwarze
@@ -767,6 +767,10 @@ roff_reset(struct roff *r)
 r->format = r->options & (MPARSE_MDOC | MPARSE_MAN);
 r->control = '\0';
 r->escape = '\\';
+ roffce_lines = 0;
+ roffce_node = NULL;
+ roffit_lines = 0;
+ roffit_macro = NULL;
 }

 void
-- 
cgit v1.2.3
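Review bot: In the second hunk (`roff_reset`), `roffit_macro = NULL;` drops the pointer without releasing it; if `roffit_macro` owns a heap string when a parse ends with the trap still pending (its assignment is not visible in this hunk), that string would leak on each reset, and `free(roffit_macro);` ahead of the assignment would close that. The four variables are not reached through `r`, so they appear to be file-scope state shared by every `struct roff`, which means the dangling `roffce_node` behind the reported use-after-free is only avoided if every path that frees the node tree also clears them; the free path is worth checking as well as this reset path. A short comment above the added lines, such as `/* file-scope request state: must not outlive the parse tree */`, would record why they are cleared here. `roff_reset` begins before the hunk, and the first hunk is only the `$Id$` bump.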