scc

Simple C99 Compiler
Log | Files | Refs | README | LICENSE

commit f85a7bfa8943a40c196cb4e3778106bcc77e7eb5
parent 21c1937146f4b5acc6e3a5a695116419f19554ad
Author: Hiltjo Posthuma <hiltjo@codemadness.org>
Date:   Fri, 17 Jul 2015 21:10:44 +0200

expand: fix %d -> %s format string for char * line, check truncation or error

Diffstat:
cc1/cpp.c | 8++++++--
1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/cc1/cpp.c b/cc1/cpp.c @@ -184,7 +184,7 @@ bool expand(char *begin, Symbol *sym) { size_t len; - int n; + int n, r; char *s = sym->u.s; char *arglist[NR_MACROARG], arguments[INPUTSIZ], buffer[BUFSIZE]; @@ -194,7 +194,11 @@ expand(char *begin, Symbol *sym) goto print_subs; } if (sym == symline) { - sprintf(buffer, "%d", input->line); + r = snprintf(buffer, sizeof(buffer), "%s", input->line); + if(r == -1 || (size_t)r >= sizeof(buffer)) { + error("expansion of macro \"%s\" is too long", sym->name); + return 0; + } goto print_subs; }