--- /dev/null
+--- gawk-3.1.3/main.c.getpgrp_void 2004-01-26 12:08:26.000000000 +0100
++++ gawk-3.1.3/main.c 2004-01-26 12:15:22.000000000 +0100
+@@ -874,14 +874,11 @@
+
+ PROCINFO_node = install("PROCINFO",
+ node((NODE *) NULL, Node_var_array, (NODE *) NULL));
+-
+ #ifdef GETPGRP_VOID
+-#define getpgrp_arg() /* nothing */
++ value = getpgrp();
+ #else
+-#define getpgrp_arg() getpid()
++ value = getpgrp(getpid());
+ #endif
+-
+- value = getpgrp(getpgrp_arg());
+ aptr = assoc_lookup(PROCINFO_node, tmp_string("pgrpid", 6), FALSE);
+ *aptr = make_number(value);
+
+--- gawk-3.1.3/io.c.getpgrp_void 2004-01-26 12:08:36.000000000 +0100
++++ gawk-3.1.3/io.c 2004-01-26 12:16:04.000000000 +0100
+@@ -1422,11 +1422,6 @@
+ return 0;
+ }
+
+-#ifdef GETPGRP_VOID
+-#define getpgrp_arg() /* nothing */
+-#else
+-#define getpgrp_arg() getpid()
+-#endif
+
+ /* pidopen --- "open" /dev/pid, /dev/ppid, and /dev/pgrpid */
+
+@@ -1440,7 +1435,11 @@
+ warning(_("use `PROCINFO[\"%s\"]' instead of `%s'"), cp, name);
+
+ if (name[6] == 'g')
++#ifdef GETPGRP_VOID
++ sprintf(tbuf, "%d\n", (int) getpgrp());
++#else
+ sprintf(tbuf, "%d\n", (int) getpgrp(getpgrp_arg()));
++#endif
+ else if (name[6] == 'i')
+ sprintf(tbuf, "%d\n", (int) getpid());
+ else
--- /dev/null
+
+ * eval.c (set_BINMODE): Fix logic of test for no numeric value.
+ Makes `gawk -v BINMODE=1 ...' work again. Thanks to Eli Zaretskii
+ <eliz@gnu.org> for pointing out the problem.
+
+--- gawk-3.1.5/eval.c.binmode 2005-12-22 19:05:32.000000000 +0100
++++ gawk-3.1.5/eval.c 2005-12-22 19:06:40.000000000 +0100
+@@ -2167,7 +2167,7 @@
+ }
+ }
+
+- if (! digits || (BINMODE_node->var_value->flags & MAYBE_NUM) == 0) {
++ if (! digits && (BINMODE_node->var_value->flags & MAYBE_NUM) == 0) {
+ BINMODE = 0;
+ if (strcmp(p, "r") == 0)
+ BINMODE = 1;
--- /dev/null
+--- gawk-3.1.5/field.c.fieldwidths 2005-05-11 17:28:15.000000000 +0200
++++ gawk-3.1.5/field.c 2005-10-09 08:35:54.000000000 +0200
+@@ -916,7 +916,7 @@
+
+ parse_field = fw_parse_field;
+ scan = force_string(FIELDWIDTHS_node->var_value)->stptr;
+- end = scan + 1;
++
+ if (FIELDWIDTHS == NULL)
+ emalloc(FIELDWIDTHS, int *, fw_alloc * sizeof(int), "set_FIELDWIDTHS");
+ FIELDWIDTHS[0] = 0;
+@@ -941,7 +941,7 @@
+ errno = 0;
+ tmp = strtoul(scan, &end, 10);
+ if (errno != 0
+- || !(*end == '\0' || is_blank(*end))
++ || (*end != '\0' && ! is_blank(*end))
+ || !(0 < tmp && tmp <= INT_MAX))
+ fatal(_("invalid FIELDWIDTHS value, near `%s'"),
+ scan);
+@@ -954,7 +954,7 @@
+ if (*scan == '\0')
+ break;
+ }
+- FIELDWIDTHS[i] = -1;
++ FIELDWIDTHS[i+1] = -1;
+
+ update_PROCINFO("FS", "FIELDWIDTHS");
+ }
--- /dev/null
+--- gawk-3.1.5/io.c.free 2005-09-27 19:21:05.000000000 +0200
++++ gawk-3.1.5/io.c 2005-09-27 19:22:58.000000000 +0200
+@@ -2479,9 +2479,12 @@
+ {
+ struct stat sbuf;
+ struct open_hook *oh;
++ int iop_malloced = FALSE;
+
+- if (iop == NULL)
++ if (iop == NULL) {
+ emalloc(iop, IOBUF *, sizeof(IOBUF), "iop_alloc");
++ iop_malloced = TRUE;
++ }
+ memset(iop, '\0', sizeof(IOBUF));
+ iop->flag = 0;
+ iop->fd = fd;
+@@ -2494,7 +2497,8 @@
+ }
+
+ if (iop->fd == INVALID_HANDLE) {
+- free(iop);
++ if (iop_malloced)
++ free(iop);
+ return NULL;
+ }
+ if (isatty(iop->fd))
+@@ -2502,7 +2506,7 @@
+ iop->readsize = iop->size = optimal_bufsize(iop->fd, & sbuf);
+ iop->sbuf = sbuf;
+ if (do_lint && S_ISREG(sbuf.st_mode) && sbuf.st_size == 0)
+- lintwarn(_("data file `%s' is empty"), name);
++ lintwarn(_("data file `%s' is empty"), name);
+ errno = 0;
+ iop->count = iop->scanoff = 0;
+ emalloc(iop->buf, char *, iop->size += 2, "iop_alloc");
--- /dev/null
+--- gawk-3.1.5/field.c.freewstr 2007-01-15 11:02:51.000000000 +0100
++++ gawk-3.1.5/field.c 2007-01-15 11:21:56.000000000 +0100
+@@ -155,6 +155,7 @@
+ ofs = force_string(OFS_node->var_value);
+ ofslen = ofs->stlen;
+ for (i = NF; i > 0; i--) {
++ free_wstr(fields_arr[i]);
+ tmp = fields_arr[i];
+ tmp = force_string(tmp);
+ tlen += tmp->stlen;
+@@ -922,7 +923,7 @@
+ FIELDWIDTHS[0] = 0;
+ for (i = 1; ; i++) {
+ unsigned long int tmp;
+- if (i >= fw_alloc) {
++ if (i + 1 >= fw_alloc) {
+ fw_alloc *= 2;
+ erealloc(FIELDWIDTHS, int *, fw_alloc * sizeof(int), "set_FIELDWIDTHS");
+ }
+--- gawk-3.1.5/builtin.c.freewstr 2005-07-26 20:07:43.000000000 +0200
++++ gawk-3.1.5/builtin.c 2007-01-15 11:12:52.000000000 +0100
+@@ -2089,9 +2089,9 @@
+ }
+
+ free(buf);
+- if (wc_indices != NULL)
+- free(wc_indices);
+ }
++ if (wc_indices != NULL)
++ free(wc_indices);
+ } else { /* match failed */
+ rstart = 0;
+ rlength = -1;
+@@ -2462,6 +2462,8 @@
+ free(t->stptr);
+ t->stptr = buf;
+ t->stlen = textlen;
++ free_wstr(t);
++ t->flags &= ~(NUMCUR|NUMBER);
+
+ free_temp(s);
+ if (matches > 0 && lhs) {
+@@ -2471,7 +2473,6 @@
+ }
+ if (after_assign != NULL)
+ (*after_assign)();
+- t->flags &= ~(NUMCUR|NUMBER);
+ }
+ if (mb_indices != NULL)
+ free(mb_indices);
+--- gawk-3.1.5/awk.h.freewstr 2005-07-26 20:07:43.000000000 +0200
++++ gawk-3.1.5/awk.h 2007-01-15 11:02:51.000000000 +0100
+@@ -1166,6 +1166,9 @@
+ #define force_wstring(n) str2wstr(n, NULL)
+ extern const wchar_t *wstrstr P((const wchar_t *haystack, size_t hs_len, const wchar_t *needle, size_t needle_len));
+ extern const wchar_t *wcasestrstr P((const wchar_t *haystack, size_t hs_len, const wchar_t *needle, size_t needle_len));
++extern void free_wstr P((NODE *n));
++#else
++#define free_wstr(NODE) /* empty */
+ #endif
+ /* re.c */
+ extern Regexp *make_regexp P((const char *s, size_t len, int ignorecase, int dfa));
+--- gawk-3.1.5/node.c.freewstr 2007-01-15 11:02:51.000000000 +0100
++++ gawk-3.1.5/node.c 2007-01-15 11:33:44.000000000 +0100
+@@ -96,6 +96,7 @@
+ if (! do_traditional && isnondecimal(cp, TRUE)) {
+ n->numbr = nondec2awknum(cp, cpend - cp);
+ n->flags |= NUMCUR;
++ ptr = cpend;
+ goto finish;
+ }
+ }
+@@ -218,15 +219,7 @@
+ no_malloc:
+ s->stref = 1;
+ s->flags |= STRCUR;
+-#if defined MBS_SUPPORT
+- if ((s->flags & WSTRCUR) != 0) {
+- assert(s->wstptr != NULL);
+- free(s->wstptr);
+- s->wstptr = NULL;
+- s->wstlen = 0;
+- s->flags &= ~WSTRCUR;
+- }
+-#endif
++ free_wstr(s);
+ return s;
+ }
+
+@@ -289,8 +282,14 @@
+ *r = *n;
+ r->flags &= ~(PERM|TEMP|FIELD);
+ r->flags |= MALLOC;
+-#if defined MBS_SUPPORT
++#ifdef MBS_SUPPORT
++ /*
++ * DON'T call free_wstr(r) here!
++ * r->wstptr still points at n->wstptr's value, and we
++ * don't want to free it!
++ */
+ r->wstptr = NULL;
++ r->wstlen = 0;
+ #endif /* defined MBS_SUPPORT */
+ if (n->type == Node_val && (n->flags & STRCUR) != 0) {
+ r->stref = 1;
+@@ -346,11 +345,7 @@
+ r->stref = 1;
+ r->stptr = NULL;
+ r->stlen = 0;
+-#if defined MBS_SUPPORT
+- r->wstptr = NULL;
+- r->wstlen = 0;
+- r->flags &= ~WSTRCUR;
+-#endif /* MBS_SUPPORT */
++ free_wstr(r);
+ #endif /* GAWKDEBUG */
+ return r;
+ }
+@@ -365,10 +360,11 @@
+ getnode(r);
+ r->type = Node_val;
+ r->flags = (STRING|STRCUR|MALLOC);
+-#if defined MBS_SUPPORT
++#ifdef MBS_SUPPORT
+ r->wstptr = NULL;
+ r->wstlen = 0;
+-#endif
++#endif /* defined MBS_SUPPORT */
++
+ if (flags & ALREADY_MALLOCED)
+ r->stptr = s;
+ else {
+@@ -512,20 +508,13 @@
+ return;
+ }
+ free(tmp->stptr);
+-#if defined MBS_SUPPORT
+- if (tmp->wstptr != NULL) {
+- assert((tmp->flags & WSTRCUR) != 0);
+- free(tmp->wstptr);
+- }
+- tmp->flags &= ~WSTRCUR;
+- tmp->wstptr = NULL;
+- tmp->wstlen = 0;
+-#endif
++ free_wstr(tmp);
+ }
+ freenode(tmp);
+ return;
+ }
+ if ((tmp->flags & FIELD) != 0) {
++ free_wstr(tmp);
+ freenode(tmp);
+ return;
+ }
+@@ -706,12 +695,8 @@
+ return n;
+ /* otherwise
+ fall through and recompute to fill in the array */
+- }
+-
+- if (n->wstptr != NULL) {
+- free(n->wstptr);
+- n->wstptr = NULL;
+- n->wstlen = 0;
++ if (n->wstptr != NULL)
++ free_wstr(n);
+ }
+
+ /*
+@@ -752,8 +737,8 @@
+ case (size_t) -2:
+ case (size_t) -1:
+ case 0:
+- goto done;
+-
++ count = 1;
++ /* fall through */
+ default:
+ *wsp++ = wc;
+ src_count -= count;
+@@ -777,6 +762,20 @@
+ return n;
+ }
+
++/* free_wstr --- release the wide string part of a node */
++
++void
++free_wstr(NODE *n)
++{
++ if ((n->flags & WSTRCUR) != 0) {
++ assert(n->wstptr != NULL);
++ free(n->wstptr);
++ }
++ n->wstptr = NULL;
++ n->wstlen = 0;
++ n->flags &= ~WSTRCUR;
++}
++
+ #if 0
+ static void
+ dump_wstr(FILE *fp, const wchar_t *str, size_t len)
+--- gawk-3.1.5/dfa.c.freewstr 2007-01-15 11:13:19.000000000 +0100
++++ gawk-3.1.5/dfa.c 2007-01-15 11:17:44.000000000 +0100
+@@ -516,7 +516,6 @@
+
+ work_mbc->nchars = work_mbc->nranges = work_mbc->nch_classes = 0;
+ work_mbc->nequivs = work_mbc->ncoll_elems = 0;
+- work_mbc->chars = NULL;
+ work_mbc->ch_classes = NULL;
+ work_mbc->range_sts = work_mbc->range_ends = NULL;
+ work_mbc->equivs = work_mbc->coll_elems = NULL;
+@@ -1602,8 +1601,8 @@
+ d->states[i].constraint = 0;
+ d->states[i].first_end = 0;
+ #ifdef MBS_SUPPORT
+- if (MB_CUR_MAX > 1)
+- d->states[i].mbps.nelem = 0;
++ d->states[i].mbps.nelem = 0;
++ d->states[i].mbps.elems = NULL;
+ #endif
+ for (j = 0; j < s->nelem; ++j)
+ if (d->tokens[s->elems[j].index] < 0)
+@@ -3136,8 +3135,13 @@
+ }
+ #endif /* MBS_SUPPORT */
+
+- for (i = 0; i < d->sindex; ++i)
++ for (i = 0; i < d->sindex; ++i) {
+ free((ptr_t) d->states[i].elems.elems);
++#ifdef MBS_SUPPORT
++ if (d->states[i].mbps.nelem > 0)
++ free((ptr_t) d->states[i].mbps.elems);
++#endif /* MBS_SUPPORT */
++ }
+ free((ptr_t) d->states);
+ for (i = 0; i < d->tindex; ++i)
+ if (d->follows[i].elems)
+--- gawk-3.1.5/eval.c.freewstr 2007-01-15 11:02:51.000000000 +0100
++++ gawk-3.1.5/eval.c 2007-01-15 11:02:51.000000000 +0100
+@@ -1176,13 +1176,7 @@
+ memcpy(l->stptr + l->stlen, r->stptr, r->stlen);
+ l->stlen += r->stlen;
+ l->stptr[l->stlen] = '\0';
+-#if defined MBS_SUPPORT
+- if (r->wstptr != NULL)
+- free(r->wstptr);
+- r->wstptr = NULL;
+- r->wstlen = 0;
+- r->flags &= ~WSTRCUR;
+-#endif /* MBS_SUPPORT */
++ free_wstr(l);
+ } else {
+ char *nval;
+ size_t nlen = l->stlen + r->stlen + 2;
--- /dev/null
+Sun Jun 18 22:27:25 2006 Arnold D. Robbins <arnold@skeeve.com>
+
+ Repair internal names like /dev/user, /dev/pid, as well as /dev/fd/N,
+ which have been broken for a long time but noone noticed.
+
+ * io.c (is_internal): new macro to check for internal file like `/dev/user'.
+ (spec_setup): Reduce to two parameters, allocate logic is always true.
+ Add IOP_NO_FREE to flag.
+ (pidopen, useropen): Return `IOBUF *' instead of int. Fix
+ logic to test if `iop' parameter is NULL and if so to allocate it.
+ (specfdopen,): Return `IOBUF *' instead of int. Fix
+ logic to test if `iop' parameter is NULL and if so to allocate it.
+ Don't set IOP_NO_FREE in flag.
+ (iop_open): Remove `IOBUF iob' field from `struct internal' and its use
+ and the use of `spec_setup' from the code here. Change the check in the
+ call to the open function to look for NULL.
+ (get_a_record): Use `is_internal' in initial check for filling the
+ buffer to not try to call `read' on internal files. If true, set
+ the IOP_AT_EOF in the flag and return EOF.
+
+--- gawk-3.1.5/io.c.internal 2006-06-21 19:46:59.000000000 +0200
++++ gawk-3.1.5/io.c 2006-06-21 19:49:54.000000000 +0200
+@@ -110,6 +110,7 @@
+ #define at_eof(iop) ((iop->flag & IOP_AT_EOF) != 0)
+ #define has_no_data(iop) (iop->dataend == NULL)
+ #define no_data_left(iop) (iop->off >= iop->dataend)
++#define is_internal(iop) ((iop->flag & IOP_IS_INTERNAL) != 0)
+ /* The key point to the design is to split out the code that searches through */
+ /* a buffer looking for the record and the terminator into separate routines, */
+ /* with a higher-level routine doing the reading of data and buffer management. */
+@@ -163,10 +164,10 @@
+ static int gawk_pclose P((struct redirect *rp));
+ static int do_pathopen P((const char *file));
+ static int str2mode P((const char *mode));
+-static void spec_setup P((IOBUF *iop, int len, int allocate));
+-static int specfdopen P((IOBUF *iop, const char *name, const char *mode));
+-static int pidopen P((IOBUF *iop, const char *name, const char *mode));
+-static int useropen P((IOBUF *iop, const char *name, const char *mode));
++static void spec_setup P((IOBUF *iop, int len));
++static IOBUF *specfdopen P((IOBUF *iop, const char *name, const char *mode));
++static IOBUF *pidopen P((IOBUF *iop, const char *name, const char *mode));
++static IOBUF *useropen P((IOBUF *iop, const char *name, const char *mode));
+ static int two_way_open P((const char *str, struct redirect *rp));
+ static int pty_vs_pipe P((const char *command));
+
+@@ -1422,30 +1423,24 @@
+ /* spec_setup --- setup an IOBUF for a special internal file */
+
+ static void
+-spec_setup(IOBUF *iop, int len, int allocate)
++spec_setup(IOBUF *iop, int len)
+ {
+ char *cp;
+
+- if (allocate) {
+- emalloc(cp, char *, len+2, "spec_setup");
+- iop->buf = cp;
+- } else {
+- len = strlen(iop->buf);
+- iop->buf[len++] = '\n'; /* get_a_record clobbered it */
+- iop->buf[len] = '\0'; /* just in case */
+- }
++ emalloc(cp, char *, len+2, "spec_setup");
++ iop->buf = cp;
+ iop->off = iop->buf;
+ iop->count = 0;
+ iop->size = len;
+ iop->end = iop->buf + len;
+ iop->dataend = iop->end;
+ iop->fd = -1;
+- iop->flag = IOP_IS_INTERNAL | IOP_AT_START;
++ iop->flag = IOP_IS_INTERNAL | IOP_AT_START | IOP_NO_FREE;
+ }
+
+ /* specfdopen --- open an fd special file */
+
+-static int
++static IOBUF *
+ specfdopen(IOBUF *iop, const char *name, const char *mode)
+ {
+ int fd;
+@@ -1453,23 +1448,20 @@
+
+ fd = devopen(name, mode);
+ if (fd == INVALID_HANDLE)
+- return INVALID_HANDLE;
+- tp = iop_alloc(fd, name, NULL);
++ return NULL;
++ tp = iop_alloc(fd, name, iop);
+ if (tp == NULL) {
+ /* don't leak fd's */
+ close(fd);
+- return INVALID_HANDLE;
++ return NULL;
+ }
+- *iop = *tp;
+- iop->flag |= IOP_NO_FREE;
+- free(tp);
+- return 0;
++ return tp;
+ }
+
+
+ /* pidopen --- "open" /dev/pid, /dev/ppid, and /dev/pgrpid */
+
+-static int
++static IOBUF *
+ pidopen(IOBUF *iop, const char *name, const char *mode ATTRIBUTE_UNUSED)
+ {
+ char tbuf[BUFSIZ];
+@@ -1478,6 +1470,12 @@
+
+ warning(_("use `PROCINFO[\"%s\"]' instead of `%s'"), cp, name);
+
++ if (iop == NULL) {
++ iop = iop_alloc(INVALID_HANDLE, name, iop);
++ if (iop == NULL)
++ return NULL;
++ }
++
+ if (name[6] == 'g')
+ #ifdef GETPGRP_VOID
+ sprintf(tbuf, "%d\n", (int) getpgrp());
+@@ -1489,9 +1487,9 @@
+ else
+ sprintf(tbuf, "%d\n", (int) getppid());
+ i = strlen(tbuf);
+- spec_setup(iop, i, TRUE);
++ spec_setup(iop, i);
+ strcpy(iop->buf, tbuf);
+- return 0;
++ return iop;
+ }
+
+ /* useropen --- "open" /dev/user */
+@@ -1506,7 +1504,7 @@
+ * supplementary group set.
+ */
+
+-static int
++static IOBUF *
+ useropen(IOBUF *iop, const char *name ATTRIBUTE_UNUSED, const char *mode ATTRIBUTE_UNUSED)
+ {
+ char tbuf[BUFSIZ], *cp;
+@@ -1514,6 +1512,12 @@
+
+ warning(_("use `PROCINFO[...]' instead of `/dev/user'"));
+
++ if (iop == NULL) {
++ iop = iop_alloc(INVALID_HANDLE, name, iop);
++ if (iop == NULL)
++ return NULL;
++ }
++
+ sprintf(tbuf, "%d %d %d %d", (int) getuid(), (int) geteuid(), (int) getgid(), (int) getegid());
+
+ cp = tbuf + strlen(tbuf);
+@@ -1528,9 +1532,9 @@
+ *cp++ = '\0';
+
+ i = strlen(tbuf);
+- spec_setup(iop, i, TRUE);
++ spec_setup(iop, i);
+ strcpy(iop->buf, tbuf);
+- return 0;
++ return iop;
+ }
+
+ /* iop_open --- handle special and regular files for input */
+@@ -1543,8 +1547,7 @@
+ static struct internal {
+ const char *name;
+ int compare;
+- int (*fp) P((IOBUF *, const char *, const char *));
+- IOBUF iob;
++ IOBUF *(*fp) P((IOBUF *, const char *, const char *));
+ } table[] = {
+ { "/dev/fd/", 8, specfdopen },
+ { "/dev/stdin", 10, specfdopen },
+@@ -1569,12 +1572,7 @@
+
+ for (i = 0; i < devcount; i++) {
+ if (STREQN(name, table[i].name, table[i].compare)) {
+- iop = & table[i].iob;
+-
+- if (iop->buf != NULL) {
+- spec_setup(iop, 0, FALSE);
+- return iop;
+- } else if ((*table[i].fp)(iop, name, mode) == 0)
++ if ((iop = (*table[i].fp)(iop, name, mode)) != NULL)
+ return iop;
+ else {
+ warning(_("could not open `%s', mode `%s'"),
+@@ -2909,6 +2907,10 @@
+
+ /* <fill initial buffer>= */
+ if (has_no_data(iop) || no_data_left(iop)) {
++ if (is_internal(iop)) {
++ iop->flag |= IOP_AT_EOF;
++ return EOF;
++ }
+ iop->count = read(iop->fd, iop->buf, iop->readsize);
+ if (iop->count == 0) {
+ iop->flag |= IOP_AT_EOF;
--- /dev/null
+diff -bru gawk-3.1.5.orig/io.c gawk-3.1.5/io.c
+--- gawk-3.1.5.orig/io.c 2006-07-07 16:13:08.000000000 +0200
++++ gawk-3.1.5/io.c 2006-07-10 13:18:13.000000000 +0200
+@@ -71,7 +71,6 @@
+ extern int MRL;
+
+ #ifdef HAVE_SOCKETS
+-enum inet_prot { INET_NONE, INET_TCP, INET_UDP, INET_RAW };
+
+ #ifndef SHUT_RD
+ #define SHUT_RD 0
+@@ -1133,24 +1132,60 @@
+ /* socketopen --- open a socket and set it into connected state */
+
+ static int
+-socketopen(enum inet_prot type, int localport, int remoteport, const char *remotehostname)
++socketopen(int type, const char *localpname, const char *remotepname,
++ const char *remotehostname)
+ {
+- struct hostent *hp = gethostbyname(remotehostname);
+- struct sockaddr_in local_addr, remote_addr;
++ struct addrinfo *lres, *lres0;
++ struct addrinfo lhints;
++ struct addrinfo *rres, *rres0;
++ struct addrinfo rhints;
++
++ int lerror;
++ int rerror;
++
+ int socket_fd;
+ int any_remote_host = strcmp(remotehostname, "0");
+
++ memset (&lhints, '\0', sizeof (lhints));
++ lhints.ai_flags = AI_PASSIVE | AI_ADDRCONFIG;
++ lhints.ai_socktype = type;
++
++ lerror = getaddrinfo (NULL, localpname, &lhints, &lres);
++ if (lerror) {
++ if (strcmp(localpname, "0"))
++ fatal(_("local port invalid in `/inet'"));
++ lres0 = NULL;
++ lres = &lhints;
++ } else
++ lres0 = lres;
++
++ while (lres) {
++ memset (&rhints, '\0', sizeof (rhints));
++ rhints.ai_flags = lhints.ai_flags;
++ rhints.ai_socktype = lhints.ai_socktype;
++ rhints.ai_family = lhints.ai_family;
++ rhints.ai_protocol = lhints.ai_protocol;
++
++ rerror = getaddrinfo (remotehostname, remotepname, &rhints, &rres);
++ if (rerror) {
++ if (lres0)
++ freeaddrinfo(lres0);
++ fatal(_("remote host and port information invalid"));
++ }
++ rres0 = rres;
+ socket_fd = INVALID_HANDLE;
+- switch (type) {
+- case INET_TCP:
+- if (localport != 0 || remoteport != 0) {
++ while (rres) {
++ socket_fd = socket (rres->ai_family,
++ rres->ai_socktype, rres->ai_protocol);
++ if (socket_fd < 0 || socket_fd == INVALID_HANDLE)
++ goto nextrres;
++
++ if (type == SOCK_STREAM) {
+ int on = 1;
+ #ifdef SO_LINGER
+ struct linger linger;
+-
+ memset(& linger, '\0', sizeof(linger));
+ #endif
+- socket_fd = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
+ setsockopt(socket_fd, SOL_SOCKET, SO_REUSEADDR,
+ (char *) & on, sizeof(on));
+ #ifdef SO_LINGER
+@@ -1160,57 +1195,27 @@
+ (char *) & linger, sizeof(linger));
+ #endif
+ }
+- break;
+- case INET_UDP:
+- if (localport != 0 || remoteport != 0)
+- socket_fd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
+- break;
+- case INET_RAW:
+-#ifdef SOCK_RAW
+- if (localport == 0 && remoteport == 0)
+- socket_fd = socket(AF_INET, SOCK_RAW, IPPROTO_RAW);
+-#endif
+- break;
+- case INET_NONE:
+- /* fall through */
+- default:
+- cant_happen();
+- break;
+- }
++ if (bind(socket_fd, lres->ai_addr, lres->ai_addrlen) != 0)
++ goto nextrres;
+
+- if (socket_fd < 0 || socket_fd == INVALID_HANDLE
+- || (hp == NULL && any_remote_host != 0))
+- return INVALID_HANDLE;
+-
+- local_addr.sin_family = remote_addr.sin_family = AF_INET;
+- local_addr.sin_addr.s_addr = htonl(INADDR_ANY);
+- remote_addr.sin_addr.s_addr = htonl(INADDR_ANY);
+- local_addr.sin_port = htons(localport);
+- remote_addr.sin_port = htons(remoteport);
+- if (bind(socket_fd, (struct sockaddr *) &local_addr, sizeof(local_addr)) == 0) {
+ if (any_remote_host != 0) { /* not ANY => create a client */
+- if (type == INET_TCP || type == INET_UDP) {
+- memcpy(&remote_addr.sin_addr, hp->h_addr,
+- sizeof(remote_addr.sin_addr));
+- if (connect(socket_fd,
+- (struct sockaddr *) &remote_addr,
+- sizeof(remote_addr)) != 0) {
+- close(socket_fd);
+- if (localport == 0)
+- socket_fd = INVALID_HANDLE;
+- else
+- socket_fd = socketopen(type, localport, 0, "0");
+- }
++ if (type != SOCK_RAW) {
++ if (connect(socket_fd, rres->ai_addr,
++ rres->ai_addrlen) == 0)
++ break;
+ } else {
+ /* /inet/raw client not ready yet */
+ fatal(_("/inet/raw client not ready yet, sorry"));
+ if (geteuid() != 0)
++ /* FIXME: is this second fatal ever reached? */
+ fatal(_("only root may use `/inet/raw'."));
+ }
+ } else { /* remote host is ANY => create a server */
+- if (type == INET_TCP) {
++ if (type == SOCK_STREAM) {
+ int clientsocket_fd = INVALID_HANDLE;
+- socklen_t namelen = sizeof(remote_addr);
++
++ struct sockaddr_storage remote_addr;
++ socklen_t namelen = sizeof (remote_addr);
+
+ if (listen(socket_fd, 1) >= 0
+ && (clientsocket_fd = accept(socket_fd,
+@@ -1218,25 +1223,22 @@
+ &namelen)) >= 0) {
+ close(socket_fd);
+ socket_fd = clientsocket_fd;
+- } else {
+- close(socket_fd);
+- socket_fd = INVALID_HANDLE;
++ break;
+ }
+- } else if (type == INET_UDP) {
++ } else if (type == SOCK_DGRAM) {
+ #ifdef MSG_PEEK
+ char buf[10];
++ struct sockaddr_storage remote_addr;
+ socklen_t readle;
+
+ if (recvfrom(socket_fd, buf, 1, MSG_PEEK,
+ (struct sockaddr *) & remote_addr,
+- & readle) < 1
+- || readle != sizeof(remote_addr)
+- || connect(socket_fd,
++ & readle) >= 0
++ && readle
++ && connect(socket_fd,
+ (struct sockaddr *)& remote_addr,
+- readle) != 0) {
+- close(socket_fd);
+- socket_fd = INVALID_HANDLE;
+- }
++ readle) == 0)
++ break;
+ #endif
+ } else {
+ /* /inet/raw server not ready yet */
+@@ -1245,10 +1247,20 @@
+ fatal(_("only root may use `/inet/raw'."));
+ }
+ }
+- } else {
++
++nextrres:
++ if (socket_fd != INVALID_HANDLE)
+ close(socket_fd);
+ socket_fd = INVALID_HANDLE;
++ rres = rres->ai_next;
++ }
++ freeaddrinfo(rres0);
++ if (socket_fd != INVALID_HANDLE)
++ break;
++ lres = lres->ai_next;
+ }
++ if (lres0)
++ freeaddrinfo(lres0);
+
+ return socket_fd;
+ }
+@@ -1313,30 +1325,24 @@
+ } else if (STREQN(name, "/inet/", 6)) {
+ #ifdef HAVE_SOCKETS
+ /* /inet/protocol/localport/hostname/remoteport */
+- enum inet_prot protocol = INET_NONE;
+- int localport, remoteport;
++ int protocol;
+ char *hostname;
+ char *hostnameslastcharp;
+ char *localpname;
+- char proto[4];
+- struct servent *service;
++ char *localpnamelastcharp;
+
+ cp = (char *) name + 6;
+ /* which protocol? */
+ if (STREQN(cp, "tcp/", 4))
+- protocol = INET_TCP;
++ protocol = SOCK_STREAM;
+ else if (STREQN(cp, "udp/", 4))
+- protocol = INET_UDP;
++ protocol = SOCK_DGRAM;
+ else if (STREQN(cp, "raw/", 4))
+- protocol = INET_RAW;
++ protocol = SOCK_RAW;
+ else
+ fatal(_("no (known) protocol supplied in special filename `%s'"),
+ name);
+
+- proto[0] = cp[0];
+- proto[1] = cp[1];
+- proto[2] = cp[2];
+- proto[3] = '\0';
+ cp += 4;
+
+ /* which localport? */
+@@ -1354,25 +1360,17 @@
+ * By using atoi() the use of decimal numbers is enforced.
+ */
+ *cp = '\0';
+-
+- localport = atoi(localpname);
+- if (strcmp(localpname, "0") != 0
+- && (localport <= 0 || localport > 65535)) {
+- service = getservbyname(localpname, proto);
+- if (service == NULL)
+- fatal(_("local port invalid in `%s'"), name);
+- else
+- localport = ntohs(service->s_port);
+- }
+- *cp = '/';
++ localpnamelastcharp = cp;
+
+ /* which hostname? */
+ cp++;
+ hostname = cp;
+ while (*cp != '/' && *cp != '\0')
+ cp++;
+- if (*cp != '/' || cp == hostname)
++ if (*cp != '/' || cp == hostname) {
++ *localpnamelastcharp = '/';
+ fatal(_("must supply a remote hostname to `/inet'"));
++ }
+ *cp = '\0';
+ hostnameslastcharp = cp;
+
+@@ -1386,22 +1384,15 @@
+ * Here too, require a port, let them explicitly put 0 if
+ * they don't care.
+ */
+- if (*cp == '\0')
++ if (*cp == '\0') {
++ *localpnamelastcharp = '/';
++ *hostnameslastcharp = '/';
+ fatal(_("must supply a remote port to `/inet'"));
+- remoteport = atoi(cp);
+- if (strcmp(cp, "0") != 0
+- && (remoteport <= 0 || remoteport > 65535)) {
+- service = getservbyname(cp, proto);
+- if (service == NULL)
+- fatal(_("remote port invalid in `%s'"), name);
+- else
+- remoteport = ntohs(service->s_port);
+ }
+
+- /* Open Sesame! */
+- openfd = socketopen(protocol, localport, remoteport, hostname);
++ openfd = socketopen(protocol, localpname, cp, hostname);
++ *localpnamelastcharp = '/';
+ *hostnameslastcharp = '/';
+-
+ #else /* ! HAVE_SOCKETS */
+ fatal(_("TCP/IP communications are not supported"));
+ #endif /* HAVE_SOCKETS */
--- /dev/null
+
+ Date: Mon, 18 Dec 2006 18:38:13 +0300
+ From: "Dmitry V. Levin" <ldv@altlinux.org>
+ Subject: gawk: do_match() invalid read
+ To: bug-gawk@gnu.org
+
+ Due to missing mounds check, do_match() may do invalid read in multibyte
+ locales:
+
+ $ printf '\n\n' |env -i gawk '{print match(""," *")}'
+ 1
+ 1
+ $ printf '\n\n' |env -i LC_ALL=3Dru_RU.UTF-8 gawk '{print match(""," *")}'
+ -1208299079
+ 134843273
+
+ As you see, match() output in multibyte locale is wrong; valgrind reports
+ about "Invalid read of size 4".
+
+
+--- gawk-3.1.5/builtin.c.mbread 2007-01-12 13:23:55.000000000 +0100
++++ gawk-3.1.5/builtin.c 2007-01-12 13:24:41.000000000 +0100
+@@ -2020,7 +2020,7 @@
+
+ rlength = REEND(rp, t1->stptr) - RESTART(rp, t1->stptr); /* byte length */
+ #ifdef MBS_SUPPORT
+- if (gawk_mb_cur_max > 1) {
++ if (rlength > 0 && gawk_mb_cur_max > 1) {
+ t1 = str2wstr(t1, & wc_indices);
+ rlength = wc_indices[rstart + rlength - 1] - wc_indices[rstart] + 1;
+ rstart = wc_indices[rstart];
+@@ -2046,7 +2046,7 @@
+ subpat_start = s;
+ subpat_len = len = SUBPATEND(rp, t1->stptr, ii) - s;
+ #ifdef MBS_SUPPORT
+- if (gawk_mb_cur_max > 1) {
++ if (len > 0 && gawk_mb_cur_max > 1) {
+ subpat_start = wc_indices[s];
+ subpat_len = wc_indices[s + len - 1] - subpat_start + 1;
+ }
--- /dev/null
+--- gawk-3.1.5/node.c.num2str 2005-07-26 20:07:43.000000000 +0200
++++ gawk-3.1.5/node.c 2005-12-22 19:41:55.000000000 +0100
+@@ -151,6 +151,7 @@
+ register char *sp = buf;
+ double val;
+ char *orig, *trans, save;
++ register long num;
+
+ if (! do_traditional && (s->flags & INTLSTR) != 0) {
+ save = s->stptr[s->stlen];
+@@ -163,9 +164,12 @@
+ return tmp_string(trans, strlen(trans));
+ }
+
+- /* not an integral value, or out of range */
+- if ((val = double_to_int(s->numbr)) != s->numbr
+- || val < LONG_MIN || val > LONG_MAX) {
++ /* conversion to long overflows, or out of range, or not integral */
++ val = double_to_int(s->numbr);
++ num = (long) val;
++ if ( (s->numbr > 0 && num < 0)
++ || (s->numbr < 0 && num > 0)
++ || val < LONG_MIN || val > LONG_MAX || val != s->numbr) {
+ /*
+ * Once upon a time, if GFMT_WORKAROUND wasn't defined,
+ * we just blindly did this:
+@@ -199,9 +203,7 @@
+
+ goto no_malloc;
+ } else {
+- /* integral value */
+- /* force conversion to long only once */
+- register long num = (long) val;
++ /* integral value, in range, too! */
+ if (num < NVAL && num >= 0) {
+ sp = (char *) values[num];
+ s->stlen = 1;
--- /dev/null
+Tue Jul 4 22:43:05 2006 Arnold D. Robbins <arnold@skeeve.com>
+
+ * eval.c (interpret): Node_assign_concat case: Turn off NUMBER and NUMCUR
+ flags in result. Sheesh. Thanks to <Heiner.Marxen@DrB.Insel.DE> for finding
+ the problem.
+
+--- gawk-3.1.5/eval.c.numflags 2006-07-10 09:36:26.000000000 +0200
++++ gawk-3.1.5/eval.c 2006-07-10 09:36:41.000000000 +0200
+@@ -1193,6 +1193,7 @@
+ unref(*lhs);
+ *lhs = make_str_node(nval, l->stlen + r->stlen, ALREADY_MALLOCED);
+ }
++ (*lhs)->flags &= ~(NUMCUR|NUMBER);
+ free_temp(r);
+
+ if (after_assign)
--- /dev/null
+Fri Jun 23 15:48:34 2006 Arnold D. Robbins <arnold@skeeve.com>
+
+ * awkgram.y (subn): At end for `do_sprintf' check, verify that lnode is not NULL
+ before using it assign through.
+
+--- gawk-3.1.5/awkgram.y.syntaxerror 2005-07-26 20:07:43.000000000 +0200
++++ gawk-3.1.5/awkgram.y 2006-06-23 17:43:55.000000000 +0200
+@@ -2399,7 +2399,8 @@
+ r->subnode = subn;
+ if (r->builtin == do_sprintf) {
+ count_args(r);
+- r->lnode->printf_count = r->printf_count; /* hack */
++ if (r->lnode != NULL) /* r->lnode set from subn. guard against syntax errors & check it's valid */
++ r->lnode->printf_count = r->printf_count; /* hack */
+ }
+ return r;
+ }
--- /dev/null
+--- gawk-3.1.5/eval.c.wconcat 2006-02-14 09:40:54.000000000 +0100
++++ gawk-3.1.5/eval.c 2006-02-14 09:43:33.000000000 +0100
+@@ -1176,6 +1176,13 @@
+ memcpy(l->stptr + l->stlen, r->stptr, r->stlen);
+ l->stlen += r->stlen;
+ l->stptr[l->stlen] = '\0';
++#if defined MBS_SUPPORT
++ if (r->wstptr != NULL)
++ free(r->wstptr);
++ r->wstptr = NULL;
++ r->wstlen = 0;
++ r->flags &= ~WSTRCUR;
++#endif /* MBS_SUPPORT */
+ } else {
+ char *nval;
+ size_t nlen = l->stlen + r->stlen + 2;