From 4f2c48241691d2317da1ae8497a603096f772372 Mon Sep 17 00:00:00 2001
From: carl <cecodere@yahoo.ca>
Date: Sun, 31 Mar 2019 00:52:37 +0800
Subject: [PATCH] Buffer overflow memory errors.

---
 mach/proto/as/comm5.c | 28 +++++++++++++++-------------
 1 file changed, 15 insertions(+), 13 deletions(-)

diff --git a/mach/proto/as/comm5.c b/mach/proto/as/comm5.c
index e8718bc46..2b301a2e3 100644
--- a/mach/proto/as/comm5.c
+++ b/mach/proto/as/comm5.c
@@ -395,6 +395,18 @@ char* readident(int c)
 }
 #endif
 
+static void need_stringbuf()
+{
+	if (!maxstring)
+	{
+		maxstring = STRINGMAX;
+		if ((stringbuf = malloc(maxstring)) == 0)
+		{
+			fatal("out of memory");
+		}
+	}
+}
+
 static int innumber(int c)
 {
 	char* p;
@@ -464,11 +476,8 @@ floatconstant:
 
 	*p = '\0';
 	stringlen = p - num;
-	if (stringlen > maxstring)
-	{
-		maxstring = stringlen;
-		stringbuf = realloc(stringbuf, maxstring);
-	}
+	need_stringbuf();
+	assert(stringlen < maxstring);
 	strcpy(stringbuf, num);
 	return NUMBERF;
 }
@@ -478,14 +487,7 @@ static int instring(int termc)
 	char* p;
 	int c;
 
-	if (!maxstring)
-	{
-		maxstring = STRINGMAX;
-		if ((stringbuf = malloc(maxstring)) == 0)
-		{
-			fatal("out of memory");
-		}
-	}
+	need_stringbuf();
 	p = stringbuf;
 	for (;;)
 	{