This is the mail archive of the gcc-patches@gcc.gnu.org mailing list for the GCC project.



Re: Fix for off-by-one error in cpplib


I'm afraid none of these are the right patch.

pfile->token_buffer + written points to a quoted string, "foobar.h"
name points just past the first quote, foobar.h"
and the point of the code is to remove the trailing quotation mark, so
we just have foobar.h.

As such, we don't want to enlarge the buffer any, because the nul
should just overwrite the quote.

However, the code is broken, on two counts:  the nul is put one _past_
the quote, and the string pointed to by pfile->token_buffer + written
isn't nul terminated.

Here's the right patch.  I'll commit this and a test case.

zw

       * cpplib.c (do_pragma_implementation): Fix off-by-one error
       truncating a string.  Don't assume tokens are nul terminated.

===================================================================
Index: cpplib.c
--- cpplib.c	2000/03/12 23:46:05	1.131
+++ cpplib.c	2000/03/13 17:23:40
@@ -1705,11 +1705,12 @@ do_pragma_implementation (pfile)
       return 1;
     }
 
+  /* Trim the leading and trailing quote marks from the string.  */
   name = pfile->token_buffer + written + 1;
-  len = strlen (name);
+  len = CPP_PWRITTEN (pfile) - name;
   copy = (U_CHAR *) alloca (len);
   memcpy (copy, name, len - 1);
-  copy[len] = '\0';	/* trim trailing quote */
+  copy[len - 1] = '\0';
   
   if (cpp_included (pfile, copy))
     cpp_warning (pfile,
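Review bot: the new length computation `len = CPP_PWRITTEN (pfile) - name;` assumes the token spans at least both quote characters; if the check that returns 1 just above this hunk does not guarantee a closing quote is present, a token consisting of only the opening quote gives len == 0, and `memcpy (copy, name, len - 1)` is then called with a wrapped-around size. Worth confirming that the preceding token check rules this out, or adding an early return for len == 0 before the alloca. Otherwise the arithmetic is right: copy holds len bytes, len - 1 bytes are copied, and the nul lands on the position of the trailing quote, which is exactly the fix described in the message.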
