gas/macro.c getstring

This code:
	      if (in->ptr[idx] == '!')
		{
		  idx++;
		  sb_add_char (acc, in->ptr[idx++]);
		}
and similar code in the other loop, blindly accessed the next element
of the string buffer without first checking idx against in->len,
leading to uninitialised accesses or buffer overruns.  Fix that, and
tidy the loops so that the function always returns the index one past
the last char consumed.  (It could return idx == in->len + 1).

	* macro.c (getstring): Don't access past end of input string
	buffer.  Tidy loops.  Don't return an index past in->len.

0 files changed, 0 insertions, 0 deletions