Closed angstsmurf closed 1 year ago
Running with AddressSanitizer on, pressing enter at the end of the source text will crash with a heap buffer overflow here: https://github.com/TobyLobster/Inform/blob/c704aa7191cdc6e4c949a8e25df65a415846c704/inform/Project/Syntax/IFSyntaxData.m#L1603 In my case, the pos variable was set to 58 while charStyles had the range 0 … 57, so return charStyles[pos]; was reading 1 past the end.
pos
charStyles
return charStyles[pos];
charStyles was realloc'd to size 58 here: https://github.com/TobyLobster/Inform/blob/c704aa7191cdc6e4c949a8e25df65a415846c704/inform/Project/Syntax/IFSyntaxData.m#L799
Thanks, should be fixed now.
TobyLobster
commented
1 year ago TobyLobster
commented
1 year ago
Running with AddressSanitizer on, pressing enter at the end of the source text will crash with a heap buffer overflow here: https://github.com/TobyLobster/Inform/blob/c704aa7191cdc6e4c949a8e25df65a415846c704/inform/Project/Syntax/IFSyntaxData.m#L1603 In my case, the
posvariable was set to 58 whilecharStyleshad the range 0 … 57, soreturn charStyles[pos];was reading 1 past the end.charStyles was realloc'd to size 58 here: https://github.com/TobyLobster/Inform/blob/c704aa7191cdc6e4c949a8e25df65a415846c704/inform/Project/Syntax/IFSyntaxData.m#L799