]> Shamusworld >> Repos - rmac/commitdiff
projects / rmac / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ace0b54)
Add sanity checks to input line tokenizer. Probably will need more.
authorShamus Hammons <jlhamm@acm.org>
Sat, 4 Jul 2020 17:29:20 +0000 (12:29 -0500)
committerShamus Hammons <jlhamm@acm.org>
Sat, 4 Jul 2020 17:29:20 +0000 (12:29 -0500)
token.c patch | blob | history

diff --git a/token.c b/token.c
index 55dbc290980722d06ed144755e43bb85587965a5..1e5428200bf0ce952b748445e15349f42bd09765 100644 (file)
--- a/token.c
+++ b/token.c
@@ -792,7 +792,7 @@ int fpop(void)
        if (numUnmatched > 0)
                warn("missing %d .endif(s)", numUnmatched);
 
        if (numUnmatched > 0)
                warn("missing %d .endif(s)", numUnmatched);
 
-       tok = inobj->in_otok;   // Restore tok and otok
+       tok = inobj->in_otok;   // Restore tok and etok
        etok = inobj->in_etok;
 
        switch (inobj->in_type)
        etok = inobj->in_etok;
 
        switch (inobj->in_type)
@@ -1044,7 +1044,13 @@ DEBUG { printf("TokenizeLine: Calling fpop() from SRC_IFILE...\n"); }
        // macro-type blocks, since it is expensive to unconditionally copy every
        // line.
        if (lnsave)
        // macro-type blocks, since it is expensive to unconditionally copy every
        // line.
        if (lnsave)
+       {
+               // Sanity check
+               if (strlen(ln) > LNSIZ)
+                       return error("line too long (%d, max %d)", strlen(ln), LNSIZ);
+
                strcpy(lnbuf, ln);
                strcpy(lnbuf, ln);
+       }
 
        // General housekeeping
        tok = tokeol;                   // Set "tok" to EOL in case of error
 
        // General housekeeping
        tok = tokeol;                   // Set "tok" to EOL in case of error
@@ -1075,6 +1081,12 @@ DEBUG { printf("TokenizeLine: Calling fpop() from SRC_IFILE...\n"); }
        //  o  handle multiple-character tokens (constants, strings, etc.).
        for(; *ln!=EOS;)
        {
        //  o  handle multiple-character tokens (constants, strings, etc.).
        for(; *ln!=EOS;)
        {
+               // Check to see if there's enough space in the token buffer
+               if (tk.cp >= ((uint8_t *)(&tokbuf[TOKBUFSIZE])))
+               {
+                       return error("token buffer overrun");
+               }
+
                // Skip whitespace, handle EOL
                while (chrtab[*ln] & WHITE)
                        ln++;
                // Skip whitespace, handle EOL
                while (chrtab[*ln] & WHITE)
                        ln++;
Unnamed repository; edit this file 'description' to name the repository.