forked from enlightenment/efl
epp: fix memory corruption when using #warning and #error
The epp instructions #warning and #error would led to a segmentation fault (invalid free) because the malloced buffer's base pointer was moved. @fix
This commit is contained in:
parent
ed750f091a
commit
6687e8b0c0
|
@ -3904,11 +3904,12 @@ do_error(cpp_reader * pfile, struct directive *keyword EINA_UNUSED,
|
||||||
{
|
{
|
||||||
int length = limit - buf;
|
int length = limit - buf;
|
||||||
unsigned char *copy = (unsigned char *)xmalloc(length + 1);
|
unsigned char *copy = (unsigned char *)xmalloc(length + 1);
|
||||||
|
unsigned char *msg = copy;
|
||||||
|
|
||||||
memcpy(copy, buf, length);
|
memcpy(copy, buf, length);
|
||||||
copy[length] = 0;
|
copy[length] = 0;
|
||||||
SKIP_WHITE_SPACE(copy);
|
SKIP_WHITE_SPACE(msg);
|
||||||
cpp_error(pfile, "#error %s", copy);
|
cpp_error(pfile, "#error %s", msg);
|
||||||
free(copy);
|
free(copy);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -3925,11 +3926,12 @@ do_warning(cpp_reader * pfile, struct directive *keyword EINA_UNUSED,
|
||||||
{
|
{
|
||||||
int length = limit - buf;
|
int length = limit - buf;
|
||||||
unsigned char *copy = (unsigned char *)xmalloc(length + 1);
|
unsigned char *copy = (unsigned char *)xmalloc(length + 1);
|
||||||
|
unsigned char *msg = copy;
|
||||||
|
|
||||||
memcpy(copy, buf, length);
|
memcpy(copy, buf, length);
|
||||||
copy[length] = 0;
|
copy[length] = 0;
|
||||||
SKIP_WHITE_SPACE(copy);
|
SKIP_WHITE_SPACE(msg);
|
||||||
cpp_warning(pfile, "#warning %s", copy);
|
cpp_warning(pfile, "#warning %s", msg);
|
||||||
free(copy);
|
free(copy);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue