Some more buffer overflows in edit/syntax.c

Pavel Roskin proski at gnu.org
Thu Oct 16 20:40:26 UTC 2003


On Thu, 16 Oct 2003, Andrew V. Samoilov wrote:

> some more checks added for {} and [].

Applied.  Just before that, I had to relax some of my recently added
checks, because they would ignore the last symbol of the rule in some
cases.  In particular, $+ in sh.syntax was ignored, so variables like
$TERM weren't highlighted.

I'm quite sure there are still corner cases when a broken rule can cause
us to read beyond the buffer.  It would be nice to have a more systematic
approach, e.g. allocate more bytes for the string to avoid too many checks
if p[1] is valid.

-- 
Regards,
Pavel Roskin



More information about the mc-devel mailing list