authorPaul Eggert <eggert@cs.ucla.edu>2025-12-14 14:45:49 -0800
committerPaul Eggert <eggert@cs.ucla.edu>2025-12-14 14:47:21 -0800
commit51b8a7c7cb4132ce1fc239c86b5858fa7636b488 (patch)
tree3f1bec32e5a890dc523d92094cd341b7d4536cb8 /lib-src
parent2d1e891eea742e16f1ae26763af2a70ef1a95a81 (diff)
Fix some make-docfile core dumps
This bit me when I ran ‘make’ with typos in the Emacs source. * lib-src/make-docfile.c (struct rcsoc_state.buf_lim): New member. (read_c_string_or_comment): Initialize it. (put_char, scan_c_stream): Check for buffer overflow. (scan_c_stream): Output a diagnostic rather than aborting when the buffer overflows.
Diffstat (limited to 'lib-src')
-rw-r--r--lib-src/make-docfile.c28
1 files changed, 18 insertions, 10 deletions
diff --git a/lib-src/make-docfile.c b/lib-src/make-docfile.c
index d0ea463f299..068b36f1b74 100644
--- a/lib-src/make-docfile.c
+++ b/lib-src/make-docfile.c
@@ -261,6 +261,8 @@ struct rcsoc_state
/* If non-zero, a buffer into which to copy characters. */
char *buf_ptr;
+ /* If non-zero, one past the buffer's last byte. */
+ char *buf_lim;
/* If non-zero, a file into which to copy characters. */
FILE *out_file;
@@ -299,7 +301,11 @@ put_char (char ch, struct rcsoc_state *state)
if (state->out_file)
putc (out_ch, state->out_file);
if (state->buf_ptr)
- *state->buf_ptr++ = out_ch;
+ {
+ *state->buf_ptr++ = out_ch;
+ if (state->buf_lim <= state->buf_ptr)
+ fatal ("state buffer exhausted");
+ }
}
while (out_ch != ch);
}
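Review bot: The bound check in put_char sits after the store, which reads like an off-by-one unless the reason is written down; a comment above the `if` such as `/* Check after storing, so one byte is always left for the caller's terminator. */` would settle it. That rationale is inferred, since the terminating store is not in this hunk and put_char's body starts above it. The guard also relies on every initializer of struct rcsoc_state that sets buf_ptr setting buf_lim too; only read_c_string_or_comment is visible here, so it is worth confirming there is no other one. The argbuf loop in scan_c_stream uses the same store-then-check order and would benefit from the same comment.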
@@ -397,8 +403,9 @@ read_c_string_or_comment (FILE *infile, int printflag, bool comment,
struct rcsoc_state state;
state.in_file = infile;
- state.buf_ptr = (printflag < 0 ? input_buffer : 0);
- state.out_file = (printflag > 0 ? stdout : 0);
+ state.buf_ptr = printflag < 0 ? input_buffer : NULL;
+ state.buf_lim = printflag < 0 ? input_buffer + sizeof input_buffer : NULL;
+ state.out_file = printflag <= 0 ? NULL : stdout;
state.pending_spaces = 0;
state.pending_newlines = 0;
state.keyword = (saw_usage ? "usage:" : 0);
@@ -1109,8 +1116,8 @@ scan_c_stream (FILE *infile)
goto eof;
if (c == ')')
break;
- if (p - input_buffer > sizeof (input_buffer))
- abort ();
+ if (input_buffer + sizeof input_buffer <= p)
+ fatal ("attribute buffer exhausted");
*p++ = c;
}
*p = 0;
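Review bot: The new bound check in the attribute loop still lets the terminator land one byte past input_buffer. The check runs before `*p++ = c`, so p can equal `input_buffer + sizeof input_buffer` after the last permitted store, and a following `)` breaks out ahead of the check and reaches `*p = 0;`. Reserving the terminator byte closes it: `if (input_buffer + sizeof input_buffer - 1 <= p)`. The loop header is outside this hunk, so this assumes p starts at input_buffer, as the removed check suggests.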
@@ -1199,16 +1206,17 @@ scan_c_stream (FILE *infile)
c = getc (infile);
}
/* Copy arguments into ARGBUF. */
- *p++ = c;
- do
+ while (true)
{
+ *p++ = c;
+ if (argbuf + sizeof argbuf <= p)
+ fatal ("argument buffer exhausted");
+ if (c == ')')
+ break;
c = getc (infile);
if (c < 0)
goto eof;
- *p++ = c;
}
- while (c != ')');
-
*p = '\0';
/* Output them. */
fputs ("\n\n", stdout);