Commit c4603ba

Fix crash in lexer refill (reported by Agostino Sarubbo).
The crash happened in a rare case of a very long lexeme that doesn't fit into the buffer, forcing buffer reallocation. The crash was caused by an incorrect calculation of the shift offset (it was smaller than necessary). As a consequence, the data from buffer start and up to the beginning of the current lexeme was not discarded (as it should have been), resulting in less free space for new data than expected.
1 parent 187fff3 commit c4603ba

1 file changed, +2 -1 lines changed

Diff for: src/parse/scanner.cc

@@ -155,13 +155,14 @@ bool Scanner::fill(size_t need)
155155
if (!buf) fatal("out of memory");
156156

157157
memmove(buf, tok, copy);
158-
shift_ptrs_and_fpos(buf - bot);
158+
shift_ptrs_and_fpos(buf - tok);
159159
delete [] bot;
160160
bot = buf;
161161

162162
free = BSIZE - copy;
163163
}
164164

165+
DASSERT(lim + free <= bot + BSIZE);
165166
if (!read(free)) {
166167
eof = lim;
167168
memset(lim, 0, YYMAXFILL);
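
Review bot: The invariant added at new line 165, `DASSERT(lim + free <= bot + BSIZE);`, guards the `read(free)` call that follows, but if DASSERT is compiled out of release builds (an assumption, its definition is not visible in this hunk) the check disappears exactly where an overrun of the buffer would matter. The allocation failure a few lines above already ends in `fatal("out of memory")`, so consider an unconditional check of the same condition that calls `fatal` before `read(free)`. The commit changes only src/parse/scanner.cc: a regression test with a lexeme too long to fit in the buffer, so that the reallocation path actually runs, would keep the `buf - tok` shift from regressing. A one-line comment at `shift_ptrs_and_fpos(buf - tok);` noting that the data was copied from `tok` rather than `bot` would also make the offset easier to verify.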
