Bison v3.4.1 prints a few gigabytes of spaces

[lvarady]

Hello,

I would like to report a bug in Bison v3.4.1.

When Bison is started with a flag that suppresses warning messages, the
error_message() function can produce a few gigabytes of indentation because of
a dangling pointer.

Reproduction: 

test.y:
%define api.pure
%pure-parser
%error-verbose

%%
start : ;
%%

$ bison -Wno-other test.y

One of the invocations of complains() is coming from
muscle_percent_define_insert() through complain_indent(), where the global
variable indent_ptr is set to a stack address. Since indent_ptr is set to
NULL only in error_message(), and this function is not always called due to the
warning suppression, the next invocation of error_message() will dereference
indent_ptr, which will point to garbage.

Valgrind output:
==6198== Conditional jump or move depends on uninitialised value(s)
==6198==    at 0x110D44: error_message (complain.c:413)
==6198==    by 0x110D44: complains (complain.c:465)
==6198==    by 0x11162E: complain (complain.c:477)
==6198==    by 0x111920: deprecated_directive (complain.c:532)
==6198==    by 0x11EC8F: muscle_percent_define_insert (muscle-tab.c:543)
==6198==    by 0x12B502: handle_error_verbose (parse-gram.y:889)
==6198==    by 0x12B502: gram_parse (parse-gram.y:330)
==6198==    by 0x12F58A: reader (reader.c:737)
==6198==    by 0x10D8E4: main (main.c:104)

--
László Várady