avr/avrdude
2
0
Fork 0
mirror of https://github.com/mariusgreuel/avrdude.git synced 2025-12-16 18:44:17 +00:00
Code Issues Projects Releases Wiki Activity

Harden string processing during parsing in lexer.l, config_gram.y and otherwise

Browse Source 
- Replace strdup(s) with cfg_strdup(funname, s) that exits on out of mem
 - Replace malloc(n) with cfg_malloc(funname, n) that exits on out of mem
 - Change multiline string scanning in lexer.l to avoid core dump
 - Remove global variables string_buf and string_bug_ptr
 - Ensure reading strings unescapes strings C-Style
 - Ensure writing strings escapes strings C-Style again

Commit looks longer than needed as unescape() and auxiliary functions needed
to be moved from term.c (not in libavrdude) to config.c (in libavrdude).
This commit is contained in:
Stefan Rueger
2022-08-09 21:20:44 +01:00
parent 8a717987ec
commit 22c4dbf23e
14 changed files with 355 additions and 402 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
src/config_gram.y
View File

@@ -453,25 +453,11 @@ prog_parms :
prog_parm :
K_ID TKN_EQUAL string_list {
{
TOKEN * t;
char *s;
int do_yyabort = 0;
while (lsize(string_list)) {
t = lrmv_n(string_list, 1);
if (!do_yyabort) {
s = dup_string(t->value.string);
if (s == NULL) {
do_yyabort = 1;
} else {
ladd(current_prog->id, s);
}
}
/* if do_yyabort == 1 just make the list empty */
TOKEN *t = lrmv_n(string_list, 1);
ladd(current_prog->id, cfg_strdup("config_gram.y", t->value.string));
free_token(t);
}
if (do_yyabort) {
YYABORT;
}
}
} |
prog_parm_type