[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH 1/2] lexer: Check that 'read' function in lex_source returns vali
|
From: |
Ben Pfaff |
|
Subject: |
[PATCH 1/2] lexer: Check that 'read' function in lex_source returns valid value. |
|
Date: |
Sat, 5 May 2012 22:14:15 -0700 |
A 'read' function may only read as many bytes as the size of the
buffer passed into it, but the caller didn't check, which made an
actual violation of this invariant hard to diagnose.
---
src/language/lexer/lexer.c | 6 +++++-
1 files changed, 5 insertions(+), 1 deletions(-)
diff --git a/src/language/lexer/lexer.c b/src/language/lexer/lexer.c
index e72a3e4..1caadac 100644
--- a/src/language/lexer/lexer.c
+++ b/src/language/lexer/lexer.c
@@ -1209,14 +1209,18 @@ lex_source_read__ (struct lex_source *src)
do
{
size_t head_ofs;
+ size_t space;
size_t n;
lex_source_expand__ (src);
head_ofs = src->head - src->tail;
+ space = src->allocated - head_ofs;
n = src->reader->class->read (src->reader, &src->buffer[head_ofs],
- src->allocated - head_ofs,
+ space,
segmenter_get_prompt (&src->segmenter));
+ assert (n <= space);
+
if (n == 0)
{
/* End of input.
--
1.7.2.5