Fix use-after-free in number_or_range_parser

-fsanitize=address showed a use-after-free in number_or_range_parser.

The cause was that handle_line_of_input could stash the input into
"saved_command_line", and then this could be freed by reentrant calls.

This fixes the bug by preventing commands that are read by "commands"
from being eligible for repeating.

gdb/ChangeLog
2018-08-17  Tom Tromey  <tom@tromey.com>

	* cli/cli-script.c (read_next_line): Pass 0 as repeat argument to
	command_line_input.

2 files changed, 6 insertions, 1 deletions

diff --git a/gdb/ChangeLog b/gdb/ChangeLog
index 9fac8cc..a40f39f 100644
--- a/gdb/ChangeLog
+++ b/gdb/ChangeLog
@@ -1,3 +1,8 @@
+2018-08-17  Tom Tromey  <tom@tromey.com>
+
+	* cli/cli-script.c (read_next_line): Pass 0 as repeat argument to
+	command_line_input.
+
 2018-08-15  Tom Tromey  <tom@tromey.com>
 
 	* aarch64-linux-tdep.c (aarch64_linux_core_read_vq): Use pulongest.
diff --git a/gdb/cli/cli-script.c b/gdb/cli/cli-script.c
index 6f31a40..d03b3bc 100644
--- a/gdb/cli/cli-script.c
+++ b/gdb/cli/cli-script.c
@@ -903,7 +903,7 @@ read_next_line (void)
   else
     prompt_ptr = NULL;
 
-  return command_line_input (prompt_ptr, from_tty, "commands");
+  return command_line_input (prompt_ptr, 0, "commands");
 }
 
 /* Return true if CMD's name is NAME.  */