Module Name: src
Committed By: rillig
Date: Fri Jun 18 20:29:00 UTC 2021
Modified Files:
src/usr.bin/xlint/lint1: lex.c
Log Message:
lint: fix hang on unfinished string literal at end-of-file
The input file that triggered this bug was:
a"b"c"d
Found using afl.
To generate a diff of this commit:
cvs rdiff -u -r1.37 -r1.38 src/usr.bin/xlint/lint1/lex.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/usr.bin/xlint/lint1/lex.c
diff -u src/usr.bin/xlint/lint1/lex.c:1.37 src/usr.bin/xlint/lint1/lex.c:1.38
--- src/usr.bin/xlint/lint1/lex.c:1.37 Tue Jun 15 20:46:45 2021
+++ src/usr.bin/xlint/lint1/lex.c Fri Jun 18 20:29:00 2021
@@ -1,4 +1,4 @@
-/* $NetBSD: lex.c,v 1.37 2021/06/15 20:46:45 rillig Exp $ */
+/* $NetBSD: lex.c,v 1.38 2021/06/18 20:29:00 rillig Exp $ */
/*
* Copyright (c) 1996 Christopher G. Demetriou. All Rights Reserved.
@@ -38,7 +38,7 @@
#include <sys/cdefs.h>
#if defined(__RCSID) && !defined(lint)
-__RCSID("$NetBSD: lex.c,v 1.37 2021/06/15 20:46:45 rillig Exp $");
+__RCSID("$NetBSD: lex.c,v 1.38 2021/06/18 20:29:00 rillig Exp $");
#endif
#include <ctype.h>
@@ -1304,7 +1304,7 @@ lex_string(void)
s = xmalloc(max = 64);
len = 0;
- while ((c = get_escaped_char('"')) >= 0) {
+ while ((c = get_escaped_char('"')) > 0) {
/* +1 to reserve space for a trailing NUL character */
if (len + 1 == max)
s = xrealloc(s, max *= 2);
