commit 1dfb93dc4b91b4c3e5186757965a42595e142b9a
Author: Michael Forney <[email protected]>
AuthorDate: Wed Feb 15 23:55:31 2017 -0800
Commit: Roberto E. Vargas Caballero <[email protected]>
CommitDate: Thu Feb 16 09:56:22 2017 +0100
Avoid accessing beyond end of string
When bp == lim, we should not dereference bp since it lies beyond the
allocated memory.
diff --git a/cc1/code.c b/cc1/code.c
index c4ce697..01bf6ff 100644
--- a/cc1/code.c
+++ b/cc1/code.c
@@ -317,7 +317,7 @@ emitstring(Symbol *sym, Type *tp)
lim = &sym->u.s[tp->n.elem];
while (bp < lim) {
s = bp;
- while (isprint(*bp) && bp < lim)
+ while (bp < lim && isprint(*bp))
++bp;
if ((n = bp - s) > 1)
fprintf(outfp, "\t#\"%.*s\n", n, s);
@@ -329,7 +329,7 @@ emitstring(Symbol *sym, Type *tp)
fprintf(outfp,
"\t#%c%02X\n",
chartype->letter, (*bp++) & 0xFF);
- } while (!isprint(*bp) && bp < lim);
+ } while (bp < lim && !isprint(*bp));
}
}
