gbranden pushed a commit to branch master
in repository groff.
commit 254b4d8d6f2beb8d368fd7cc02d460ed936ffddc
Author: G. Branden Robinson <[email protected]>
AuthorDate: Thu Jul 10 16:53:54 2025 -0500
[pre-grohtml]: Handle memory exhaustion.
* src/preproc/html/pre-html.cpp (get_line): Catch `std::bad_alloc`
exceptions from `new` operator. Throw a fatal error indicating how
much memory we couldn't allocate and which line of which file we were
reading when we had trouble.
Exhibit:
$ rm build/font/devps/DESC
$ make -C build font/devps/DESC
[output elided]
$ printf 'papersize ' >> build/font/devps/DESC
$ dd if=/dev/zero of=/dev/stdout bs=1M count=8192 \
| tr '\0' '@' >> build/font/devps/DESC
[output elided]
$ printf '\n' >> build/font/devps/DESC
$ make -C build
GROFF doc/pic.html
pre-grohtml:.../build/font/devps/DESC:15: fatal error: cannot allocate more
than 1073741824 bytes to read line; aborting
And with that, groff takes another step away from Annotated Reference
Manual C++ and into the bleeding-edge horizons of ISO C++98.
---
ChangeLog | 7 +++++++
src/preproc/html/pre-html.cpp | 20 ++++++++++++++++++--
2 files changed, 25 insertions(+), 2 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 7d7335f4c..3166a5a3a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2025-07-10 G. Branden Robinson <[email protected]>
+
+ * src/preproc/html/pre-html.cpp (get_line): Catch
+ `std::bad_alloc` exceptions from `new` operator. Throw a fatal
+ error indicating how much memory we couldn't allocate and which
+ line of which file we were reading when we had trouble.
+
2025-07-10 G. Branden Robinson <[email protected]>
* src/preproc/html/pre-html.cpp (get_resolution)
diff --git a/src/preproc/html/pre-html.cpp b/src/preproc/html/pre-html.cpp
index 70dc18ba0..f3d6e4780 100644
--- a/src/preproc/html/pre-html.cpp
+++ b/src/preproc/html/pre-html.cpp
@@ -36,6 +36,8 @@
#include <getopt.h> // getopt_long()
+#include <new> // std::bad_alloc
+
// needed for close(), creat(), dup(), dup2(), execvp(), fork(),
// getpid(), mkdir(), open(), pipe(), unlink(), wait(), write()
#include "posix.h"
@@ -268,7 +270,14 @@ static bool get_line(FILE *f, const char *file_name, int
lineno)
return false;
if (0 /* nullptr */ == linebuf) {
linebufsize = 128;
- linebuf = new char[linebufsize];
+ try {
+ linebuf = new char[linebufsize];
+ }
+ catch (std::bad_alloc &e) {
+ fatal_with_file_and_line(file_name, lineno, "cannot allocate %1"
+ " bytes to read line; aborting",
+ linebufsize);
+ }
}
int i = 0;
// skip leading whitespace
@@ -288,7 +297,14 @@ static bool get_line(FILE *f, const char *file_name, int
lineno)
if (i + 1 >= linebufsize) {
int newbufsize = linebufsize * 2;
char *old_linebuf = linebuf;
- linebuf = new char[newbufsize];
+ try {
+ linebuf = new char[newbufsize];
+ }
+ catch (std::bad_alloc &e) {
+ fatal_with_file_and_line(file_name, lineno, "cannot allocate"
+ " more than %1 bytes to read line;"
+ " aborting", linebufsize);
+ }
memcpy(linebuf, old_linebuf, linebufsize);
delete[] old_linebuf;
linebufsize = newbufsize;
_______________________________________________
groff-commit mailing list
[email protected]
https://lists.gnu.org/mailman/listinfo/groff-commit
