Fixed memory corruption bug (caused by wrong size passed to memcpy).
authorUlya Trofimovich <skvadrik@gmail.com>
Mon, 13 Aug 2018 22:41:56 +0000 (23:41 +0100)
committerUlya Trofimovich <skvadrik@gmail.com>
Mon, 13 Aug 2018 22:43:06 +0000 (23:43 +0100)
Found by asan.

re2c/src/dfa/find_state.cc

index 131ec79f454a62f8427acc07df9ae30579b9b9c2..036d7f162d29bc1eb10c5ceadd2722aaf5ce7940 100644 (file)
@@ -244,7 +244,7 @@ kernel_t *make_kernel_copy(const kernel_t *kernel, allocator_t &alc)
     kernel_t *k = make_new_kernel(n, alc);
 
     memcpy(k->state, kernel->state, n * sizeof(void*));
-    memcpy(k->tvers, kernel->tvers, n * sizeof(size_t));
+    memcpy(k->tvers, kernel->tvers, n * sizeof(uint32_t));
     memcpy(k->tlook, kernel->tlook, n * sizeof(hidx_t));
 
     prectable_t *ptbl = NULL;
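Review bot: The corrected length on the `tvers` copy still names the element type by hand, so the same heap overflow returns if the field's type changes again. Deriving it from the destination, `memcpy(k->tvers, kernel->tvers, n * sizeof(*k->tvers));`, keeps the byte count tied to the buffer being written. The neighbouring `state` and `tlook` copies use `sizeof(void*)` and `sizeof(hidx_t)` the same way, and so do the `memcmp` calls in the `kernel_eq_t::operator()` hunk, where a too-large size becomes an out-of-bounds read instead of a write. Presumably `make_new_kernel(n, alc)` allocates each array with n elements of the field's type; that is not visible here, and make_kernel_copy starts and ends outside the hunk.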
@@ -373,7 +373,7 @@ bool kernel_eq_t::operator()(const kernel_t *x, const kernel_t *y) const
     const size_t n = x->size;
     return n == y->size
         && memcmp(x->state, y->state, n * sizeof(void*)) == 0
-        && memcmp(x->tvers, y->tvers, n * sizeof(size_t)) == 0
+        && memcmp(x->tvers, y->tvers, n * sizeof(uint32_t)) == 0
         && (!x->prectbl || memcmp(x->prectbl, y->prectbl, n * n * sizeof(prectable_t)) == 0)
         && equal_lookahead_tags(x, y, ctx);
 }
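Review bot: The `prectbl` comparison tests only `x->prectbl` for null before passing both pointers to `memcmp`, so a pair where `x->prectbl` is set and `y->prectbl` is null would be undefined behaviour, and the reverse pair would compare equal without the tables being looked at. If the two can differ, check presence first, e.g. `&& (!x->prectbl == !y->prectbl)` ahead of that line. Whether that case can occur depends on how kernels are built, which this hunk does not show; if it cannot, a comment such as `// prectbl is set on both kernels or on neither` would record the invariant.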