Harden string processing during parsing in lexer.l, config_gram.y and otherwise

- Replace strdup(s) with cfg_strdup(funname, s) that exits on out of mem - Replace malloc(n) with cfg_malloc(funname, n) that exits on out of mem - Change multiline string scanning in lexer.l to avoid core dump - Remove global variables string_buf and string_bug_ptr - Ensure reading strings unescapes strings C-Style - Ensure writing strings escapes strings C-Style again Commit looks longer than needed as unescape() and auxiliary functions needed to be moved from term.c (not in libavrdude) to config.c (in libavrdude).
2025-12-17 02:54:17 +00:00 · 2022-08-09 21:20:44 +01:00
parent 8a717987ec
commit 22c4dbf23e
14 changed files with 355 additions and 402 deletions
--- a/src/libavrdude.h
+++ b/src/libavrdude.h
@@ -536,7 +536,7 @@ const char * pins_to_str(const struct pindef_t * const pindef);
 * This function returns a string of defined pins, eg, ~1, 2, ~4, ~5, 7 or ""
 *
 * @param[in] pindef the pin definition for which we want the string representation
- * @returns a pointer to a string, which was created by strdup (NULL if out of memory)
+ * @returns a pointer to a string, which was created by strdup
 */
 char *pins_to_strdup(const struct pindef_t * const pindef);

@@ -1006,6 +1006,10 @@ extern double       default_bitclock;
 extern "C" {
 #endif

+void *cfg_malloc(const char *funcname, size_t n);
+
+char *cfg_strdup(const char *funcname, const char *s);
+
 int init_config(void);

 void cleanup_config(void);
@@ -1014,6 +1018,12 @@ int read_config(const char * file);

 const char *cache_string(const char *file);

+unsigned char *cfg_unescapeu(unsigned char *d, const unsigned char *s);
+
+char *cfg_unescape(char *d, const char *s);
+
+char *cfg_escape(const char *s);
+
 #ifdef __cplusplus
 }
 #endif