diff options
author | Alan Modra <amodra@gmail.com> | 2022-03-20 18:08:38 +1030 |
---|---|---|
committer | Alan Modra <amodra@gmail.com> | 2022-03-20 19:04:22 +1030 |
commit | bdcd45685beb9d4b865c68152e47601c7e3d170c (patch) | |
tree | 6d2b76de8cecd4d35323efff9b9152f0b8238843 /gas | |
parent | ba09d2a8cd6aecb10c5f3b99284e7e82df51cdbc (diff) | |
download | gdb-bdcd45685beb9d4b865c68152e47601c7e3d170c.zip gdb-bdcd45685beb9d4b865c68152e47601c7e3d170c.tar.gz gdb-bdcd45685beb9d4b865c68152e47601c7e3d170c.tar.bz2 |
PR28979, internal error in demand_empty_rest_of_line
The change in read_a_source_file prevents the particular testcase in
the PR from triggering the assertion in demand_empty_rest_of_line.
I've also removed the assertion. Nothing much goes wrong with gas if
something else triggers it, so it's not worthy of an abort.
I've also changed my previous patch to ignore_rest_of_line to allow
that function to increment input_line_pointer past buffer_limit, like
demand_empty_rest_of_line: The two functions ought to behave the
same in that respect. Finally, demand_empty_rest_of_line gets a
little hardening to prevent accesses past buffer_limit plus one.
PR 28979
* read.c (read_a_source_file): Calculate known size for sbuf
rather than calling strlen.
(demand_empty_rest_of_line): Remove "know" check. Expand comment.
Don't dereference input_line_pointer when past buffer_limit.
(ignore_rest_of_line): Allow input_line_pointer to increment to
buffer_limit plus one. Expand comment.
Diffstat (limited to 'gas')
-rw-r--r-- | gas/read.c | 20 |
1 files changed, 14 insertions, 6 deletions
@@ -1391,6 +1391,7 @@ read_a_source_file (const char *name) if (size < space) { new_tmp[size] = 0; + new_length = new_tmp + size - new_buf; break; } @@ -1408,7 +1409,6 @@ read_a_source_file (const char *name) actual macro expansion (possibly nested) and other input expansion work. Beware that in messages, line numbers and possibly file names will be incorrect. */ - new_length = strlen (new_buf); sb_build (&sbuf, new_length); sb_add_buffer (&sbuf, new_buf, new_length); input_scrub_include_sb (&sbuf, input_line_pointer, 0); @@ -3950,12 +3950,19 @@ s_weakref (int ignore ATTRIBUTE_UNUSED) /* Verify that we are at the end of a line. If not, issue an error and - skip to EOL. */ + skip to EOL. This function may leave input_line_pointer one past + buffer_limit, so should not be called from places that may + dereference input_line_pointer unconditionally. Note that when the + gas parser is switched to handling a string (where buffer_limit + should be the size of the string excluding the NUL terminator) this + will be one past the NUL; is_end_of_line(0) returns true. */ void demand_empty_rest_of_line (void) { SKIP_WHITESPACE (); + if (input_line_pointer > buffer_limit) + return; if (is_end_of_line[(unsigned char) *input_line_pointer]) input_line_pointer++; else @@ -3968,18 +3975,19 @@ demand_empty_rest_of_line (void) *input_line_pointer); ignore_rest_of_line (); } - /* Return pointing just after end-of-line. */ - know (is_end_of_line[(unsigned char) input_line_pointer[-1]]); } /* Silently advance to the end of line. Use this after already having - issued an error about something bad. */ + issued an error about something bad. Like demand_empty_rest_of_line, + this function may leave input_line_pointer one after buffer_limit; + Don't call it from within expression parsing code in an attempt to + silence further errors. */ void ignore_rest_of_line (void) { - while (input_line_pointer < buffer_limit) + while (input_line_pointer <= buffer_limit) if (is_end_of_line[(unsigned char) *input_line_pointer++]) break; /* Return pointing just after end-of-line. */ |