]> granicus.if.org Git - re2c/commitdiff
Fixed out of bounds read when sorting one-element initial closure.
authorUlya Trofimovich <skvadrik@gmail.com>
Sat, 9 Feb 2019 17:54:25 +0000 (17:54 +0000)
committerUlya Trofimovich <skvadrik@gmail.com>
Sat, 9 Feb 2019 18:20:09 +0000 (18:20 +0000)
The error only occurred on some libc implementations, e.g. on debug
glibc (options -D_GLIBCXX_DEBUG -D_GLIBCXX_DEBUG_PEDANTIC).

re2c/src/dfa/closure_posix.cc
re2c/src/util/lookup.h

index d4846387a0c690431417bc0e55a93d51bc6b7403..c17c1049c3fae2d4cc4576b229062f578a9d2b31 100644 (file)
@@ -143,12 +143,11 @@ inline cmp_gor1_t::cmp_gor1_t(determ_context_t &c) : ctx(c) {}
 
 inline bool cmp_gor1_t::operator()(const clos_t &x, const clos_t &y) const
 {
-    const kernel_t *k = ctx.dc_kernels[ctx.dc_origin];
     const uint32_t xo = x.origin, yo = y.origin;
-
-    DASSERT(xo != yo && x.tlook == HROOT && y.tlook == HROOT);
+    if (xo == yo) return false;
 
     // if longest components differ, leftmost already incorporates that
+    const kernel_t *k = ctx.dc_kernels[ctx.dc_origin];
     return unpack_leftmost(k->prectbl[xo * k->size + yo]) < 0;
 }
 
index 4dc19d651e919baa0b297ea5a56c41ff7665bc9e..9d4c3b79735405eeab9c2f16dedef30e81835f14 100644 (file)
@@ -66,12 +66,14 @@ uint32_t lookup_t<data_t, hash_t>::size() const
 template<typename data_t, typename hash_t>
 data_t& lookup_t<data_t, hash_t>::operator[](uint32_t idx)
 {
+    DASSERT(idx < elems.size());
     return elems[idx].data;
 }
 
 template<typename data_t, typename hash_t>
 const data_t& lookup_t<data_t, hash_t>::operator[](uint32_t idx) const
 {
+    DASSERT(idx < elems.size());
     return elems[idx].data;
 }