You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
58 lines
1.6 KiB
58 lines
1.6 KiB
From 1d1bdec6318746f6f19f245db589eddc887ae8ff Mon Sep 17 00:00:00 2001 |
|
From: "Emden R. Gansner" <erg@alum.mit.edu> |
|
Date: Wed, 8 Jan 2014 11:31:04 -0500 |
|
Subject: [PATCH] Fix possible buffer overflow problem in chkNum of scanner. |
|
|
|
--- |
|
lib/cgraph/scan.l | 35 ++++++++++++++++++++++++++--------- |
|
1 file changed, 26 insertions(+), 9 deletions(-) |
|
|
|
diff --git a/lib/cgraph/scan.l b/lib/cgraph/scan.l |
|
index 212967c..d065b61 100644 |
|
--- a/lib/cgraph/scan.l |
|
+++ b/lib/cgraph/scan.l |
|
@@ -129,15 +129,32 @@ static void ppDirective (void) |
|
* and report this to the user. |
|
*/ |
|
static int chkNum(void) { |
|
- unsigned char c = (unsigned char)yytext[yyleng-1]; /* last character */ |
|
- if (!isdigit(c) && (c != '.')) { /* c is letter */ |
|
- char buf[BUFSIZ]; |
|
- sprintf(buf,"syntax error - badly formed number '%s' in line %d of %s\n",yytext,line_num, InputFile); |
|
- strcat (buf, "splits into two name tokens\n"); |
|
- agerr(AGWARN,buf); |
|
- return 1; |
|
- } |
|
- else return 0; |
|
+ unsigned char c = (unsigned char)yytext[yyleng-1]; /* last character */ |
|
+ if (!isdigit(c) && (c != '.')) { /* c is letter */ |
|
+ unsigned char xbuf[BUFSIZ]; |
|
+ char buf[BUFSIZ]; |
|
+ agxbuf xb; |
|
+ char* fname; |
|
+ |
|
+ if (InputFile) |
|
+ fname = InputFile; |
|
+ else |
|
+ fname = "input"; |
|
+ |
|
+ agxbinit(&xb, BUFSIZ, xbuf); |
|
+ |
|
+ agxbput(&xb,"syntax ambiguity - badly delimited number '"); |
|
+ agxbput(&xb,yytext); |
|
+ sprintf(buf,"' in line %d of ", line_num); |
|
+ agxbput(&xb,buf); |
|
+ agxbput(&xb,fname); |
|
+ agxbput(&xb, " splits into two tokens\n"); |
|
+ agerr(AGWARN,agxbuse(&xb)); |
|
+ |
|
+ agxbfree(&xb); |
|
+ return 1; |
|
+ } |
|
+ else return 0; |
|
} |
|
|
|
/* The LETTER class below consists of ascii letters, underscore, all non-ascii |
|
-- |
|
1.8.5.1 |
|
|
|
|