rubys / nokogumbo

A Nokogiri interface to the Gumbo HTML5 parser.
Apache License 2.0

Fix reading past the end of the source buffer #128

Closed stevecheckoway closed 5 years ago

stevecheckoway commented 5 years ago

When constructing an error message for an unexpected EOF, the error text pointer is one byte past the end of our source text. It's invalid to read from that pointer. Instead, be explicit about our source buffer by giving a size and assert that the error is either within the buffer or one byte after.

Make a similar change for finding the next new line and fix the comment. There's not always a trailing zero byte, but the result is the same. It either returns a pointer to the next new line, or it returns a pointer one past the end of the source buffer.
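The bounded lookup described in the comment above, as an added example that is not part of this pull request or Nokogumbo's code. The function names, signatures and the sample buffer are assumptions constructed for illustration.

```c
#include <assert.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample: 8 bytes, deliberately NOT NUL-terminated, ending
 * inside an unterminated comment so an EOF error sits at SAMPLE + 8. */
static const char SAMPLE[] = {'<', 'p', '>', '\n', '<', '!', '-', '-'};

/* Hypothetical helper. Returns a pointer to the next '\n' at or after loc,
 * or a pointer one past the end of the buffer. Never reads source[len]. */
static const char *next_newline(const char *source, size_t len, const char *loc) {
  const char *end = source + len;
  assert(loc >= source && loc <= end); /* in the buffer or one byte after */
  const char *nl = memchr(loc, '\n', (size_t)(end - loc));
  return nl ? nl : end;
}

/* Hypothetical helper. Returns the first byte of the line containing loc.
 * Only bytes before loc are read, so loc == source + len is safe. */
static const char *line_start(const char *source, size_t len, const char *loc) {
  assert(loc >= source && loc <= source + len);
  while (loc > source && loc[-1] != '\n')
    --loc;
  return loc;
}

/* Stores the start of the offending line in *start and returns its length
 * in bytes, excluding any newline. */
static size_t error_line(const char *source, size_t len, const char *loc,
                         const char **start) {
  *start = line_start(source, len, loc);
  return (size_t)(next_newline(source, len, loc) - *start);
}

int main(void) {
  const char *start;
  /* Unexpected-EOF error: location is one past the last source byte. */
  size_t n = error_line(SAMPLE, sizeof SAMPLE, SAMPLE + sizeof SAMPLE, &start);
  printf("%.*s\n", (int)n, start);
  return 0;
}
```

Building this with `-fsanitize=address` and swapping `memchr` for an unbounded `strchr` reproduces the class of report the fix addresses, since the sample has no trailing zero byte.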

stevecheckoway commented 5 years ago

This was found with address sanitizer and AFL.