diff options
| author | Yukihiro "Matz" Matsumoto <[email protected]> | 2014-05-13 16:03:41 +0900 |
|---|---|---|
| committer | Yukihiro "Matz" Matsumoto <[email protected]> | 2014-05-13 16:03:41 +0900 |
| commit | a38f8fe606a526af56a0ed41113c7f9ac7cb5314 (patch) | |
| tree | e997608a1ce62eef9e04af478adc0ddf60d5efe5 /mrbgems/mruby-bin-mirb/tools/mirb | |
| parent | 4e357a4963e45a1d32d96a1ee1f1c90f246df3a6 (diff) | |
| download | mruby-a38f8fe606a526af56a0ed41113c7f9ac7cb5314.tar.gz mruby-a38f8fe606a526af56a0ed41113c7f9ac7cb5314.zip | |
support comments in user-input; also add checks for buffer overflow
Diffstat (limited to 'mrbgems/mruby-bin-mirb/tools/mirb')
| -rw-r--r-- | mrbgems/mruby-bin-mirb/tools/mirb/mirb.c | 25 |
1 files changed, 19 insertions, 6 deletions
diff --git a/mrbgems/mruby-bin-mirb/tools/mirb/mirb.c b/mrbgems/mruby-bin-mirb/tools/mirb/mirb.c index c8ea0a055..b389db7bc 100644 --- a/mrbgems/mruby-bin-mirb/tools/mirb/mirb.c +++ b/mrbgems/mruby-bin-mirb/tools/mirb/mirb.c @@ -100,9 +100,9 @@ is_code_block_open(struct mrb_parser_state *parser) /* all states which need more code */ case EXPR_BEG: - /* an expression was just started, */ - /* we can't end it like this */ - code_block_open = TRUE; + /* beginning of a statement, */ + /* that means previous line ended */ + ;;code_block_open = FALSE; break; case EXPR_DOT: /* a message dot was the last token, */ @@ -319,6 +319,10 @@ main(int argc, char **argv) char_index = 0; while ((last_char = getchar()) != '\n') { if (last_char == EOF) break; + if (char_index > sizeof(last_code_line)-2) { + fputs("input string too long\n", stderr); + continue; + } last_code_line[char_index++] = last_char; } if (last_char == EOF) { @@ -326,6 +330,7 @@ main(int argc, char **argv) break; } + last_code_line[char_index++] = '\n'; last_code_line[char_index] = '\0'; #else char* line = MIRB_READLINE(code_block_open ? "* " : "> "); @@ -333,14 +338,22 @@ main(int argc, char **argv) printf("\n"); break; } - strncpy(last_code_line, line, sizeof(last_code_line)-1); + if (strlen(line) > sizeof(last_code_line)-2) { + fputs("input string too long\n", stderr); + continue; + } + strcpy(last_code_line, line); + strcat(last_code_line, "\n"); MIRB_ADD_HISTORY(line); free(line); #endif if (code_block_open) { - strcat(ruby_code, "\n"); - strcat(ruby_code, last_code_line); + if (strlen(ruby_code)+strlen(last_code_line) > sizeof(ruby_code)-1) { + fputs("concatenated input string too long\n", stderr); + continue; + } + strcat(ruby_code, last_code_line); } else { if ((strcmp(last_code_line, "quit") == 0) || (strcmp(last_code_line, "exit") == 0)) { |