segfault with null terminated input #142

@jcfp

Hi,

A bug was reported in Debian about a segfault in re2c with null-terminated input:

When re2c reads a file containing '&' (ampersand) followed by a null byte, re2c crashes due to a heap overread.

The following are the steps to reproduce:
$ echo -ne "&\x00" > A
$ re2c A
Segmentation fault

I'm not sure if the ampersand is actually required, as it seems to segfault with other characters too as long as that null is at the end. The bug was reported against 0.13.5 but this reproduces with 0.16 too.

See the Debian bug report for more details.
