[PATCH] libs/wpp: Fixed bug in preventing add_text_to_macro from handling macros over 1 kb large

Travis Athougies iammisc at gmail.com
Fri Jul 23 17:05:14 CDT 2010


As it stands right now, add_text_to_macro cannot handle macros over
1kb large. In the old code, the left hand side of the tertiary
operator ?: will always evaluate to true, since
addition has a higher priority. Therefore, ALLOCBLOCKSIZE (which is
defined as 1024) will always be the value of new_alloc. This will
cause a buffer overflow for large macros.
Adding the parentheses fixes the bug by making explicit the order in
which the operations should be run.

---
 libs/wpp/ppl.l |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/libs/wpp/ppl.l b/libs/wpp/ppl.l
index 6e0c7a1..0588e5d 100644
--- a/libs/wpp/ppl.l
+++ b/libs/wpp/ppl.l
@@ -1455,7 +1455,7 @@ static void add_text_to_macro(const char *text, int len)
 	if(mep->curargalloc - mep->curargsize <= len+1)	/* +1 for '\0' */
 	{
 		char *new_curarg;
-		int new_alloc =	mep->curargalloc + (ALLOCBLOCKSIZE > len+1) ?
ALLOCBLOCKSIZE : len+1;
+		int new_alloc =	mep->curargalloc + ((ALLOCBLOCKSIZE > len+1) ?
ALLOCBLOCKSIZE : len+1);
 		new_curarg = pp_xrealloc(mep->curarg, new_alloc * sizeof(mep->curarg[0]));
 		if(!new_curarg)
 			return;
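
Review bot: On the added line, new_alloc is still an int computed as mep->curargalloc plus len+1 with no bound check, and the product new_alloc * sizeof(mep->curarg[0]) is passed straight to pp_xrealloc. For a very large len the sum can wrap, which would bring back an undersized buffer of the kind this patch is fixing. Consider rejecting a negative len and a sum that would exceed INT_MAX before the realloc. Separately, both the removed and added lines are wrapped onto a second line ("ALLOCBLOCKSIZE : len+1;" with no leading diff marker), so the hunk will not apply as sent; please resend with line wrapping disabled.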
-- 
1.6.4.4


