This is the mail archive of the
java-patches@gcc.gnu.org
mailing list for the Java project.
Re: [Patch] PR java/22113: Fix buffer overflow in Java lexer for FP literals
- From: Andrew Haley <aph at redhat dot com>
- To: David Daney <ddaney at avtrex dot com>
- Cc: Ranjit Mathew <rmathew at gmail dot com>, GCJ Patches <java-patches at gcc dot gnu dot org>, GCC Patches <gcc-patches at gcc dot gnu dot org>
- Date: Tue, 16 Aug 2005 19:36:46 +0100
- Subject: Re: [Patch] PR java/22113: Fix buffer overflow in Java lexer for FP literals
- References: <43022C18.6080400@gmail.com><43022DBE.6060200@avtrex.com>
David Daney writes:
> Ranjit Mathew wrote:
> > Hi,
> >
> > This is a naive but effective patch for PR java/22113 where
> > the 'literal_token' buffer of do_java_lex() in lex.c for reading
> > in an FP literal was overflowing in cases like the Jacks testcase
> > 3.10.2-round-6.
> >
> > Tested on i686-pc-linux-gnu with Jacks included. Produces
> > no new failures and fixes the recent FAIL-ing of 3.10.2-round-6
> > on i686-pc-linux-gnu at least.
> >
> > OK for mainline?
> >
> > Thanks,
> > Ranjit.
> >
> > :ADDPATCH java:
> >
> >
> >
> > ------------------------------------------------------------------------
> >
> > Index: ChangeLog
> > from Ranjit Mathew <rmathew@hotmail.com>
> >
> > PR java/22113
> > * lex.c (do_java_lex): Define MAX_TOKEN_LEN. Avoid overflowing
> > `literal_token' for large numeric input tokens.
> >
>
> What is the actual length of the longest of the tokens in question
> allowed by the JLS?
>
> It seems if it is unbounded, that this is not the correct fix.
> Otherwise it seems unlikely that the upper bound is exactly 256.
Sure, but it's better than what it replaces.
Andrew.
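
The trade-off discussed in this thread (a fixed cap on the token buffer versus a token of unbounded length), as an added example that is not part of the original messages and is not the GCC patch or lex.c code. Only the name MAX_TOKEN_LEN and the value 256 come from the thread; the simplified scanner fp_span and both lex_fp_* functions are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define MAX_TOKEN_LEN 256 /* cap value from the thread; how lex.c uses it is not shown there */
/* Length of the leading FP-literal-like run in s (simplified scanner, an assumption). */
static size_t fp_span(const char *s) {
    size_t i = 0;
    for (; s[i]; i++) {
        int sign_ok = (s[i] == '+' || s[i] == '-') && i > 0 && (s[i - 1] == 'e' || s[i - 1] == 'E');
        if (!strchr("0123456789.eEfFdD", s[i]) && !sign_ok) break;
    }
    return i;
}

/* Fixed buffer: never writes past out; returns 1 when the literal was cut short. */
int lex_fp_capped(const char *src, char out[MAX_TOKEN_LEN + 1]) {
    size_t n = fp_span(src), keep = n < MAX_TOKEN_LEN ? n : MAX_TOKEN_LEN;
    memcpy(out, src, keep);
    out[keep] = '\0';
    return n > MAX_TOKEN_LEN;
}

/* Growable buffer: doubles capacity as characters arrive. Caller frees; NULL on OOM. */
char *lex_fp_growable(const char *src, size_t *len_out) {
    size_t n = fp_span(src), cap = 16, len = 0;
    char *buf = malloc(cap);
    if (!buf) return NULL;
    for (size_t i = 0; i < n; i++) {
        if (len + 1 >= cap) { /* keep room for the terminator */
            char *tmp = realloc(buf, cap * 2);
            if (!tmp) { free(buf); return NULL; }
            buf = tmp; cap *= 2;
        }
        buf[len++] = src[i];
    }
    buf[len] = '\0';
    *len_out = len;
    return buf;
}

int main(void) {
    char in[400] = "0.", out[MAX_TOKEN_LEN + 1], *g; /* constructed input: 300 zeros, then 1e-5f */
    size_t len = 0;
    memset(in + 2, '0', 300);
    strcpy(in + 302, "1e-5f;");
    g = lex_fp_growable(in, &len);
    printf("capped: truncated=%d; growable: len=%zu\n", lex_fp_capped(in, out), g ? len : (size_t)0);
    free(g);
}
```

A caller of the capped variant has to treat a return of 1 as a lexical error, because the truncated text no longer denotes the literal that appears in the source.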