shithub: scc

ref: b2d10b743a716ae76c3f0f11937c6d84f64668fe
parent: e3605a59a69b622c8a3a0e416d9eade7887e1718
author: Roberto E. Vargas Caballero <k0ga@shike2.com>
date: Thu Jan 12 03:55:02 EST 2017

[cc1] fix off-by-one bug in getdefs

The pointer to the buffer was incremented but the size was not decremented,
and it could generate overrun in buffers.

--- a/cc1/cpp.c
+++ b/cc1/cpp.c
@@ -351,8 +351,10 @@
 			bp += len;
 			bufsiz -= len;
 		}
-		if ((prevc  = yytoken) != '#')
+		if ((prevc = yytoken) != '#') {
 			*bp++ = ' ';
+			--bufsiz;
+		}
 		next();
 	}
 	*bp = '\0';
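
Review bot: The new `--bufsiz;` keeps the count in step with `bp`, but nothing visible in this hunk checks that there is room left before `*bp++ = ' ';` or before the final `*bp = '\0';`. If the length check above the hunk only guarantees `len` bytes, a token that exactly fills the buffer still lets the space and the terminator land past the end. If `bufsiz` is an unsigned type, decrementing it at zero would also wrap to a large value and defeat later checks. Consider making the earlier size test account for the separator and the terminator (for example, requiring `len + 2` bytes when the token is not `#`), or guarding this branch with an explicit `bufsiz` check that reports an error when the buffer is full. A short comment stating that `bufsiz` is the number of bytes remaining at `bp`, terminator included or not, would make the invariant easier to verify next time.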