Browse Source
In order to work with preprocessed dts files more easily, dts will parse line number information in the form emitted by cpp. Anton Blanchard (using a fuzzer) reported that including a line number directive with a nul character (a literal nul in the input file, not a \0 sequence) would cause dtc to SEGV. I spotted several more problems on examining the code: * It modified yytext in place which seems to work, but is ugly and I'm not sure if it's safe on all lex/flex versions * The regexp used in the lexer to recognize line number information accepts strings with escape characters, but it won't process these escapes. - GNU cpp at least, will generate \ escapes in line number information, at least with files containing " or \ in the name This patch reworks the handling of line number information to address these problems. \ escapes should now be handled directly. nuls in file names (either with a literal nul in the input file, or with a \0 escape sequence) are still not permitted, but will now result in a lexical error rather than a SEGV. Reported-by: Anton Blanchard <anton@samba.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>main
David Gibson
9 years ago
5 changed files with 29 additions and 13 deletions
Binary file not shown.
Loading…
Reference in new issue