[hackers] [scc] [cc1] fix off-by-one bug in getdefs || Roberto E. Vargas Caballero

From: <git_AT_suckless.org>
Date: Thu, 12 Jan 2017 08:57:50 +0100 (CET)

commit 6662e4323b9d658de6cf909c16f997515e03d83b
Author: Roberto E. Vargas Caballero <k0ga_AT_shike2.com>
AuthorDate: Thu Jan 12 08:55:02 2017 +0100
Commit: Roberto E. Vargas Caballero <k0ga_AT_shike2.com>
CommitDate: Thu Jan 12 08:55:02 2017 +0100

    [cc1] fix off-by-one bug in getdefs
    
    The pointer to the buffer was incremented but the size was not decremented,
    and it could generate overrun in buffers.

diff --git a/cc1/cpp.c b/cc1/cpp.c
index 2aa29ae..63dc281 100644
--- a/cc1/cpp.c
+++ b/cc1/cpp.c
_AT_@ -351,8 +351,10 @@ getdefs(Symbol *args[NR_MACROARG], int nargs, char *bp, size_t bufsiz)
                         bp += len;
                         bufsiz -= len;
                 }
- if ((prevc = yytoken) != '#')
+ if ((prevc = yytoken) != '#') {
                         *bp++ = ' ';
+ --bufsiz;
+ }
                 next();
         }
         *bp = '\0';
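Review bot: the added `--bufsiz;` in the `yytoken != '#'` branch keeps the count in step with `bp`, but nothing in the visible lines checks that space remains before `*bp++ = ' ';` is executed. Since `bufsiz` is a `size_t`, decrementing it when it is already 0 wraps to a very large value, and any later length check against it would then pass. Unless a guard above this hunk already guarantees at least two bytes here (one for the space, one for the terminator written by `*bp = '\0';`), I would test `bufsiz` before the write and take the function's error path when fewer than two bytes are left. A short comment stating that `bufsiz` always counts the bytes remaining at `bp`, including the terminator, would make the invariant easier to keep in future changes.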
Received on Thu Jan 12 2017 - 08:57:50 CET
