d0p1/ack
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Fix a buffer overrun that was manifesting on OpenBSD; also fix a bounds check and some uninitialised variable problems.

Browse source
This commit is contained in:
David Given 2017-01-16 22:44:37 +01:00
parent fa5675d439
commit 2cdcc16bc2
1 changed files with 3 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
mach/proto/ncg/codegen.c
View file

@ -66,8 +66,7 @@ short* set_val;
char* set_flag; char* set_flag;
#endif #endif
unsigned codegen(codep, ply, toplevel, costlimit, forced) byte* codep; unsigned codegen(byte* codep, int ply, int toplevel, unsigned costlimit, int forced)
unsigned costlimit;
{ {
#ifndef NDEBUG #ifndef NDEBUG
byte* origcp = codep; byte* origcp = codep;
@ -75,7 +74,7 @@ unsigned costlimit;
#endif #endif
unsigned totalcost = 0; unsigned totalcost = 0;
int inscoerc = 0; int inscoerc = 0;
int procarg[MAXPROCARG + 1]; int procarg[MAXPROCARG + 1] = {};
#ifdef ALLOW_NEXTEM #ifdef ALLOW_NEXTEM
static int paniced; static int paniced;
char* savebp = 0; char* savebp = 0;
@ -328,7 +327,6 @@ unsigned costlimit;
tokpatlen = (codep[-1] >> 5) & 07; tokpatlen = (codep[-1] >> 5) & 07;
for (i = 0; i < tokpatlen; i++) for (i = 0; i < tokpatlen; i++)
getint(tokexp[i], codep); getint(tokexp[i], codep);
tokexp[i] = 0;
tp = &fakestack[stackheight - 1]; tp = &fakestack[stackheight - 1];
i = 0; i = 0;
while (i < tokpatlen && tp >= fakestack) while (i < tokpatlen && tp >= fakestack)
@ -860,7 +858,7 @@ unsigned costlimit;
swtxt(); swtxt();
if (stringno > 10000) if (stringno > 10000)
{ {
assert(stringno < 100001 + MAXPROCARG); assert(stringno < 10001 + MAXPROCARG);
genstr(procarg[stringno - 10001]); genstr(procarg[stringno - 10001]);
} }
else else