From: Ben Pfaff Date: Sun, 6 May 2012 05:07:34 +0000 (-0700) Subject: lexer: Check that 'read' function in lex_source returns valid value. X-Git-Url: https://pintos-os.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0838c7ce8528a241fd6bb422767e187af4b5d9a7;p=pspp lexer: Check that 'read' function in lex_source returns valid value. A 'read' function may only read as many bytes as the size of the buffer passed into it, but the caller didn't check, which made an actual violation of this invariant hard to diagnose. --- diff --git a/src/language/lexer/lexer.c b/src/language/lexer/lexer.c index e72a3e47bc..1caadac1de 100644 --- a/src/language/lexer/lexer.c +++ b/src/language/lexer/lexer.c @@ -1209,14 +1209,18 @@ lex_source_read__ (struct lex_source *src) do { size_t head_ofs; + size_t space; size_t n; lex_source_expand__ (src); head_ofs = src->head - src->tail; + space = src->allocated - head_ofs; n = src->reader->class->read (src->reader, &src->buffer[head_ofs], - src->allocated - head_ofs, + space, segmenter_get_prompt (&src->segmenter)); + assert (n <= space); + if (n == 0) { /* End of input.