The function can get confused with detecting the end of the buffer

when the last line is in a comment or in a string, and may overrun the end of the buffer. The symptoms are error messages past the last line of the parameter file, because the memory after the buffer end is interpreted as (probably mal-formed) parameter file content. Since the paring routine is quite complex, this patch works around this problem by increasing the size of the buffer by a few characters and setting these to NUL. git-svn-id: http://svn.cactuscode.org/flesh/trunk@4594 17b73243-c579-4c4c-a9d2-2d5706c11dac
author: schnetter <schnetter@17b73243-c579-4c4c-a9d2-2d5706c11dac> 2010-01-18 04:26:31 +0000
committer: schnetter <schnetter@17b73243-c579-4c4c-a9d2-2d5706c11dac> 2010-01-18 04:26:31 +0000
commit: 2fcd5b484324760b4a5b7f5c092225714437afb0 (patch)
tree: f261cec500797afbb19e1d6a0f6000f0a9fb943d /src/util
parent: 185d485f07469431aba34cfba869175a6522b56a (diff)
1 files changed, 7 insertions, 0 deletions
diff --git a/src/util/ParseFile.c b/src/util/ParseFile.c
index aacc0941..34e4f02a 100644
--- a/src/util/ParseFile.c
+++ b/src/util/ParseFile.c
@@ -130,6 +130,13 @@ int ParseFile(FILE *ifp,
   if (!buffer)
     return 1;
   buffer = ParseDefines(buffer, &buffersize);
+  /* ParseBuffer can get confused with detecting the end of the buffer
+     (when in a comment or in a string), and may overrun.  Therefore
+     we allocate a buffer that is a bit longer.  */
+  {
+    buffer = realloc (buffer, strlen(buffer) + 10);
+    memset (buffer+strlen(buffer), '\0', 10);
+  }
   retval = ParseBuffer(buffer, set_function, ConfigData);
   free(buffer);
   return retval;
author	schnetter <schnetter@17b73243-c579-4c4c-a9d2-2d5706c11dac>	2010-01-18 04:26:31 +0000
committer	schnetter <schnetter@17b73243-c579-4c4c-a9d2-2d5706c11dac>	2010-01-18 04:26:31 +0000
commit	2fcd5b484324760b4a5b7f5c092225714437afb0 (patch)
tree	f261cec500797afbb19e1d6a0f6000f0a9fb943d /src/util
parent	185d485f07469431aba34cfba869175a6522b56a (diff)