From c4be3d68f000e5c399605d6e6b0186f33ac8c0b7 Mon Sep 17 00:00:00 2001
From: Christophe Geuzaine <cgeuzaine@ulg.ac.be>
Date: Thu, 30 Dec 2004 06:24:02 +0000
Subject: [PATCH] bulletproof parse_string and skip_until so that we don't
crash and simply report the error + use Msg instead of YY_FATAL_ERROR in
YY_INPUT
---
Parser/Gmsh.l | 14 +++++++++++---
Parser/Gmsh.tab.cpp | 2 +-
Parser/Gmsh.yy.cpp | 16 ++++++++++++----
3 files changed, 24 insertions(+), 8 deletions(-)
diff --git a/Parser/Gmsh.l b/Parser/Gmsh.l
index 11d61c6d26..a1ea51a5e6 100644
--- a/Parser/Gmsh.l
+++ b/Parser/Gmsh.l
@@ -1,5 +1,5 @@
%{
-// $Id: Gmsh.l,v 1.61 2004-12-27 00:46:59 geuzaine Exp $
+// $Id: Gmsh.l,v 1.62 2004-12-30 06:24:01 geuzaine Exp $
//
// Copyright (C) 1997-2004 C. Geuzaine, J.-F. Remacle
//
@@ -53,12 +53,12 @@ void skipline(void);
yylineno++; \
} \
if ( c == EOF && ferror( yyin ) ) \
- YY_FATAL_ERROR( "input in flex scanner failed" ); \
+ Msg(FATAL, "input in flex scanner failed" ); \
result = n; \
} \
else if ( ((result = fread( buf, 1, max_size, yyin )) == 0) \
&& ferror( yyin ) ) \
- YY_FATAL_ERROR( "input in flex scanner failed" );
+ Msg(FATAL, "input in flex scanner failed" );
%}
@@ -352,6 +352,10 @@ void parsestring(char endchar){
Msg(GERROR, "End of file in string");
break;
}
+ else if(i >= (int)sizeof(tmp)-1){
+ Msg(GERROR, "String too long");
+ break;
+ }
else{
tmp[i++] = (char)c;
}
@@ -397,6 +401,10 @@ void skip_until(char *skip, char *until){
}
l = MAX(l_skip,l_until);
+ if(l >= (int)sizeof(chars)){
+ Msg(GERROR, "Search pattern too long in skip_until");
+ return;
+ }
for(i=1; i<l; i++){
chars[i] = yyinput();
if(chars[i] == (char)EOF){
diff --git a/Parser/Gmsh.tab.cpp b/Parser/Gmsh.tab.cpp
index eb9f989583..accbd3ef9e 100644
--- a/Parser/Gmsh.tab.cpp
+++ b/Parser/Gmsh.tab.cpp
@@ -195,7 +195,7 @@
#line 1 "Gmsh.y"
-// $Id: Gmsh.tab.cpp,v 1.222 2004-12-30 05:43:42 geuzaine Exp $
+// $Id: Gmsh.tab.cpp,v 1.223 2004-12-30 06:24:02 geuzaine Exp $
//
// Copyright (C) 1997-2004 C. Geuzaine, J.-F. Remacle
//
diff --git a/Parser/Gmsh.yy.cpp b/Parser/Gmsh.yy.cpp
index 5026a5430d..8d3c8a2642 100644
--- a/Parser/Gmsh.yy.cpp
+++ b/Parser/Gmsh.yy.cpp
@@ -2,7 +2,7 @@
/* A lexical scanner generated by flex */
/* Scanner skeleton version:
- * $Header: /cvsroot/gmsh/Parser/Gmsh.yy.cpp,v 1.221 2004-12-30 05:43:44 geuzaine Exp $
+ * $Header: /cvsroot/gmsh/Parser/Gmsh.yy.cpp,v 1.222 2004-12-30 06:24:02 geuzaine Exp $
*/
#define FLEX_SCANNER
@@ -1033,7 +1033,7 @@ char *yytext;
#line 1 "Gmsh.l"
#define INITIAL 0
#line 2 "Gmsh.l"
-// $Id: Gmsh.yy.cpp,v 1.221 2004-12-30 05:43:44 geuzaine Exp $
+// $Id: Gmsh.yy.cpp,v 1.222 2004-12-30 06:24:02 geuzaine Exp $
//
// Copyright (C) 1997-2004 C. Geuzaine, J.-F. Remacle
//
@@ -1087,12 +1087,12 @@ void skipline(void);
yylineno++; \
} \
if ( c == EOF && ferror( yyin ) ) \
- YY_FATAL_ERROR( "input in flex scanner failed" ); \
+ Msg(FATAL, "input in flex scanner failed" ); \
result = n; \
} \
else if ( ((result = fread( buf, 1, max_size, yyin )) == 0) \
&& ferror( yyin ) ) \
- YY_FATAL_ERROR( "input in flex scanner failed" );
+ Msg(FATAL, "input in flex scanner failed" );
#line 1098 "Gmsh.yy.cpp"
@@ -3301,6 +3301,10 @@ void parsestring(char endchar){
Msg(GERROR, "End of file in string");
break;
}
+ else if(i >= (int)sizeof(tmp)-1){
+ Msg(GERROR, "String too long");
+ break;
+ }
else{
tmp[i++] = (char)c;
}
@@ -3346,6 +3350,10 @@ void skip_until(char *skip, char *until){
}
l = MAX(l_skip,l_until);
+ if(l >= (int)sizeof(chars)){
+ Msg(GERROR, "Search pattern too long in skip_until");
+ return;
+ }
for(i=1; i<l; i++){
chars[i] = yyinput();
if(chars[i] == (char)EOF){
--
GitLab