Fixed a buffer over flow bug. Issue 119 pointed out by mrc.mgg.

higepon · Dec 3, 2009 · 3e30672 · 3e30672
1 parent bb6564e
commit 3e30672
Show file tree

Hide file tree

Showing 6 changed files with 30 additions and 13 deletions.
diff --git a/ChangeLog b/ChangeLog
@@ -1,5 +1,6 @@
 2009-12-03  higepon  <higepon@users.sourceforge.jp>
 
+	* src/scanner.re (Scanner::currentToken): Fixed a buffer over flow bug. Issue 119 pointed out by mrc.mgg.
 
 	* lib/psyntax/psyntax/main.ss (lambda): Changed a behavior of default current-exception-handler. Issue 117 pointed out by mrc.mgg.
 

diff --git a/src/Reader.y b/src/Reader.y
@@ -170,17 +170,22 @@ int yyerror(char const *str)
 {
     TextualInputPort* const port = currentVM()->readerContext()->port();
     const Object prevError = port->error();
+    ucs4string currentToken = port->scanner()->currentToken();
+    if (currentToken.empty()) {
+        currentToken = UC("<end of file>");
+    }
     if (prevError.isNil()) {
-        port->setError(format(NULL, UC("~a: ~a near [~a] at ~a:~d. "),
-                              Pair::list5(prevError,
-                                          str,
-                                          Object::makeString(port->scanner()->currentToken()),
+        port->setError(format(NULL, UC("~a near [~a] at ~a:~d. "),
+                              Pair::list4(str,
+                                          Object::makeString(currentToken),
                                           port->toString(),
                                           Object::makeFixnum(port->getLineNo()))));
+
     } else {
-        port->setError(format(NULL, UC("~a near [~a] at ~a:~d. "),
-                              Pair::list4(str,
-                                          Object::makeString(port->scanner()->currentToken()),
+        port->setError(format(NULL, UC("~a: ~a near [~a] at ~a:~d. "),
+                              Pair::list5(prevError,
+                                          str,
+                                          Object::makeString(currentToken),
                                           port->toString(),
                                           Object::makeFixnum(port->getLineNo()))));
     }

diff --git a/src/Scanner.h b/src/Scanner.h
@@ -46,7 +46,7 @@ class Scanner EXTEND_GC {
     void fill(int n);
     void emptyBuffer();
     int scan(YYSTYPE* yylval);
-    ucs4char* currentToken() const;
+    ucs4string currentToken() const;
 
 private:
 

diff --git a/src/Transcoder.cpp b/src/Transcoder.cpp
@@ -197,7 +197,9 @@ void Transcoder::putChar(BinaryOutputPort* port, ucs4char c)
 
 void Transcoder::unGetChar(ucs4char c)
 {
-    if (EOF == c) return;
+    if (EOF == c) {
+        return;
+    }
     buffer_ += c;
     if (c == EolStyle(LF)) {
         lineNo_--;
@@ -237,7 +239,7 @@ ucs4char Transcoder::getChar(BinaryInputPort* port)
     case EolStyle(NEL):
     case EolStyle(LS):
     {
-            lineNo_++;
+        lineNo_++;
         return EolStyle(LF);
     }
     case EolStyle(CR):

diff --git a/src/scanner.re b/src/scanner.re
@@ -478,7 +478,8 @@ comment:
     }
 }
 
-ucs4char* Scanner::currentToken() const
+ucs4string Scanner::currentToken() const
 {
-    return token_;
+    MOSH_ASSERT(limit_ > token_);
+    return ucs4string(token_, limit_ - token_);
 }
diff --git a/src/work.scm b/src/work.scm
@@ -1,2 +1,10 @@
+;;;!mosh
+
 (import (rnrs))
-(display "\x0;\x1;\x80;\xFF;\xD7FF;\xE000;\x10FFFF;")
+(define b 2)
++-3
+(define a 3)
+;;; end of file
+;; Local Variables:
+;; coding: utf-8-unix
+;; End: