From 43ec93cfe90172f186b71bfc229b34a981f5b128 Mon Sep 17 00:00:00 2001
From: John Darrington <john@darrington.wattle.id.au>
Date: Mon, 4 Apr 2016 13:42:21 +0200
Subject: [PATCH] Fix crash in T-Test after parsing a null terminated string.

Found by zzuf.
---
 src/language/stats/t-test-parser.c |  4 ++--
 tests/language/stats/t-test.at     | 26 ++++++++++++++++++++++++++
 2 files changed, 28 insertions(+), 2 deletions(-)

diff --git a/src/language/stats/t-test-parser.c b/src/language/stats/t-test-parser.c
index 7af0dfc9c6..38e58ce01a 100644
--- a/src/language/stats/t-test-parser.c
+++ b/src/language/stats/t-test-parser.c
@@ -44,9 +44,9 @@ cmd_t_test (struct lexer *lexer, struct dataset *ds)
 
   /* Variables pertaining to the paired mode */
   const struct variable **v1 = NULL;
-  size_t n_v1;
+  size_t n_v1 = 0;
   const struct variable **v2 = NULL;
-  size_t n_v2;
+  size_t n_v2 = 0;
 	  
   size_t n_pairs = 0;
   vp *pairs = NULL;
diff --git a/tests/language/stats/t-test.at b/tests/language/stats/t-test.at
index 455d288920..1203a5f393 100644
--- a/tests/language/stats/t-test.at
+++ b/tests/language/stats/t-test.at
@@ -839,3 +839,29 @@ AT_CHECK([pspp t.sps], [1],[ignore], [ignore])
 
 AT_CLEANUP
 
+
+
+dnl Another crash on invalid input
+AT_SETUP([T-TEST unterminated string - paired])
+AT_DATA([t.sps], [dnl
+data list list /id * a * b * c * d *.
+begin data.
+5 2.0 3.0 4.0 4.0
+3 1.0 2.0 5.1 3.9
+3 2.0 4.5 5.2(3.8
+4 2.0 4.5 5n3 3.7
+5 3.0 6.0 5.9 3.6
+6 3.4 6.0 5.9  .
+end data.
+
+
+t-test /MISSING=listwise /PAIRS a"b with c d (PA	RED).
+])
+
+AT_CHECK([pspp t.sps],[1],[ignore],[ignore])
+
+AT_CLEANUP
+
+
+
+
-- 
2.30.2