Closed andreasabel closed 5 years ago
Ah, I am too good-natured, I fixed it anyway.
When you try to strcpy a previously grown buffer buf_ into a buffer temp of BUFFER_INITIAL size, yes, then you segfault on a good operating system.
https://github.com/BNFC/bnfc/blob/344ccde10db8a3117117f9e0b7037faac448afc7/source/src/BNFC/Backend/CPP/PrettyPrinter.hs#L141-L156
Good old buffer overrun. Wonder if someone managed to hack machines with bnfc installed through this.
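The overrun described in the comment above, as an added example that is not BNFC's generated printer code: a buffer that grows by doubling, and two ways to copy it without assuming it still fits in BUFFER_INITIAL bytes. The names buf_, temp and BUFFER_INITIAL come from the comment; Printer, append, copyFixed, copySized and the value 16 are hypothetical.

```cpp
#include <cstdlib>
#include <cstring>

// Constructed value; the real constant in the generated printer may differ.
static const size_t BUFFER_INITIAL = 16;

// Hypothetical stand-in for a printer that owns a growable C string.
struct Printer {
  char *buf_ = nullptr;
  size_t cap = 0, len = 0;
  ~Printer() { free(buf_); }
};

// Append s, doubling the capacity until it fits (this is how buf_ grows).
bool append(Printer &p, const char *s) {
  size_t n = strlen(s);
  size_t need = p.len + n + 1;
  size_t cap = p.cap ? p.cap : BUFFER_INITIAL;
  while (cap < need) cap *= 2;
  if (cap != p.cap) {
    char *grown = (char *)realloc(p.buf_, cap);
    if (!grown) return false;
    p.buf_ = grown;
    p.cap = cap;
  }
  memcpy(p.buf_ + p.len, s, n + 1);
  p.len += n;
  return true;
}

// Unsafe pattern, shown only as a comment and never executed here:
//   char temp[BUFFER_INITIAL]; strcpy(temp, p.buf_);
// It writes past temp as soon as p.len >= BUFFER_INITIAL.

// Checked copy into a fixed-size destination: refuses instead of overrunning.
bool copyFixed(char *dst, size_t dstSize, const Printer &p) {
  if (!p.buf_ || p.len + 1 > dstSize) return false;
  memcpy(dst, p.buf_, p.len + 1);
  return true;
}

// Copy sized from the source: allocate what the grown buffer actually holds.
char *copySized(const Printer &p) {
  char *out = (char *)malloc(p.len + 1);
  if (out) memcpy(out, p.buf_ ? p.buf_ : "", p.len + 1);
  return out;
}
```
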
Running bnfc-system-tests, I observed that the C++ AST printer for examples/GF/gf.cf (https://github.com/BNFC/bnfc/blob/master/examples/GF/gf.cf) segfaults when run on examples/GF/example.gf (https://github.com/BNFC/bnfc/blob/master/examples/GF/example.gf).
I do not want to debug this. A brief look into the generated printer shows that it has inline functions and destructive update of a buf_ variable.
https://github.com/BNFC/bnfc/blob/344ccde10db8a3117117f9e0b7037faac448afc7/source/src/BNFC/Backend/CPP/PrettyPrinter.hs#L146-L163
I leave this to C++ enthusiasts and fans of pointer manipulations. Happy segfaulting!