Harden string processing during parsing in lexer.l, config_gram.y and otherwise

- Replace strdup(s) with cfg_strdup(funname, s) that exits on out of mem - Replace malloc(n) with cfg_malloc(funname, n) that exits on out of mem - Change multiline string scanning in lexer.l to avoid core dump - Remove global variables string_buf and string_bug_ptr - Ensure reading strings unescapes strings C-Style - Ensure writing strings escapes strings C-Style again Commit looks longer than needed as unescape() and auxiliary functions needed to be moved from term.c (not in libavrdude) to config.c (in libavrdude).
2025-09-27 22:45:27 +00:00 · 2022-08-09 21:20:44 +01:00
parent 8a717987ec
commit 22c4dbf23e
14 changed files with 355 additions and 402 deletions
--- a/src/avr.c
+++ b/src/avr.c
@@ -1243,7 +1243,7 @@ void avr_add_mem_order(const char *str) {
    if(avr_mem_order[i] && !strcmp(avr_mem_order[i], str))
      return;
    if(!avr_mem_order[i]) {
-      avr_mem_order[i] = strdup(str);
+      avr_mem_order[i] = cfg_strdup("avr_mem_order()", str);
      return;
    }
  }