[tex-live] Bug: lacheck segfaults on "\end{a}$"

[Ken Brown]

On 5/9/2015 10:59 AM, Antoine Amarilli wrote:
> Hello,
>
> I'm new here, so I hope this is the right place to report this.
>
> I have a problem with the lacheck utility (in utils/lacheck in the
> source tree), which if I understand correctly is being maintained here.
> The problem is that lacheck segfaults on the attached segfault.tex file.
> (I tested it by running ./lacheck segfault.tex with lacheck compiled
> from the latest source tree, and also with the lacheck package version
> 1.26-15 on Debian.) This segfault.tex file is a minified example of a
> real-world file that also triggers the bug.
>
> Does this segfault also occur for you? Can something be done about it?

I can confirm this on my system.  The crash occurs in print_bad_match(), when 
lacheck is trying to report "unmatched end of file".  At this point gstackp == 
0, and the macro CG_FILE in lacheck.l:1063 makes an illegal memory access 
gstack[-1].

A quick fix for this specific case would be to insert a check for gstackp == 0 
in print_bad_match (and maybe exiting at this point).  But I don't know if that 
would solve the underlying problem.  There may be other places where the CG_* 
macros are called when the stack might be empty.  Would it be too drastic to 
modify these macros so that they always check whether gstackp == 0?

Ken