ref: b6110a0000e5c32b531056741347b1f8762c996a
parent: 8b36084e2b8283e6e895266e5a9b56a32c9133df
author: Ori Bernstein <ori@eigenstate.org>
date: Sun Apr 19 05:02:21 EDT 2020
dont overflow the stack when pushing expressions in cpp, particularly complex ones could overflow the stack and silently corrupt our data structures. add checks when we push, and bump the stack size up.
--- a/sys/src/cmd/cpp/eval.c
+++ b/sys/src/cmd/cpp/eval.c
@@ -2,7 +2,7 @@
#include <libc.h>
#include "cpp.h"
-#define NSTAK 32
+#define NSTAK 128
#define SGN 0
#define UNS 1
#define UND 2
@@ -136,6 +136,8 @@
case STRING:
if (rand)
goto syntax;
+ if(vp == vals + NSTAK)
+ goto fullstakdeveloper;
*vp++ = tokval(tp);
rand = 1;
continue;
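Review bot: The guard `if(vp == vals + NSTAK)` only fires when the pointer sits exactly at the end of the array, so any push path that is missed, or guarded on the wrong pointer, lets it step past the end where no later check will catch it. Writing it as `if(vp >= vals + NSTAK)` here, and `if(op >= ops + NSTAK)` in the NOT, unary-binary, binary-operator and LP hunks, makes each check fail closed. This assumes `vals` and `ops` are both declared with NSTAK elements; their declarations are not visible in the diff. The enclosing switch starts and ends outside this hunk.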
@@ -146,6 +148,8 @@
case NOT:
if (rand)
goto syntax;
+ if(op == ops + NSTAK)
+ goto fullstakdeveloper;
*op++ = tp->type;
continue;
@@ -152,6 +156,8 @@
/* unary-binary */
case PLUS: case MINUS: case STAR: case AND:
if (rand==0) {
+ if(op == ops + NSTAK)
+ goto fullstakdeveloper;
if (tp->type==MINUS)
*op++ = UMINUS;
if (tp->type==STAR || tp->type==AND) {
@@ -171,6 +177,8 @@
goto syntax;
if (evalop(priority[tp->type])!=0)
return 0;
+ if(op == ops + NSTAK)
+ goto fullstakdeveloper;
*op++ = tp->type;
rand = 0;
continue;
@@ -178,6 +186,8 @@
case LP:
if (rand)
goto syntax;
+ if(op == ops + NSTAK)
+ goto fullstakdeveloper;
*op++ = LP;
continue;
@@ -211,6 +221,9 @@
syntax:
error(ERROR, "Syntax error in #if/#elif");
return 0;
+fullstakdeveloper:
+ error(ERROR, "Out of stack space evaluating #if");
+ return 0;
}
int
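Review bot: The label `fullstakdeveloper` does not say which condition it handles; a name such as `stackfull` would read better next to `syntax:`, with the five `goto` sites renamed to match. The new message also names only `#if` while the neighbouring one says `#if/#elif`, so `error(ERROR, "Out of stack space evaluating #if/#elif");` would keep the diagnostics consistent. The same string is repeated in the last hunk. The function body starts outside this hunk.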
@@ -375,6 +388,10 @@
}
v1.val = rv1;
v1.type = rtype;
+ if(op == ops + NSTAK){
+ error(ERROR, "Out of stack space evaluating #if");
+ return 0;
+ }
*vp++ = v1;
}
return 0;
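Review bot: The added guard tests `op == ops + NSTAK`, but the store it protects is `*vp++ = v1;`, so the value stack is still written without a bounds check here, and a full operator stack would raise a spurious error. The condition should read `if(vp == vals + NSTAK){`. The error path also returns 0, the same value as the normal exit on the last line of the hunk, while the caller in the binary-operator hunk treats only a nonzero result as failure (`if (evalop(priority[tp->type])!=0)`). Using `return 1;` would stop evaluation after the error, assuming this hunk is inside evalop, whose start is outside the hunk.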
--
⑨