diff options
author | Akim Demaille <akim.demaille@gmail.com> | 2019-03-29 22:37:51 +0100 |
---|---|---|
committer | Akim Demaille <akim.demaille@gmail.com> | 2019-03-30 10:10:39 +0100 |
commit | bbf37f2534a8e5a6b4e28047f0a10903e6dc73f9 (patch) | |
tree | 1391350db6d67fb42475da88c934219b320e4389 /.x-sc_unmarked_diagnostics | |
parent | d332ff3c77c3e65c154ff0cc13b00bd1cec90ae9 (diff) | |
download | bison-bbf37f2534a8e5a6b4e28047f0a10903e6dc73f9.tar.gz |
lalr: fix segmentation violation
The "includes" relation [DeRemer 1982] is between gotos, so of course,
for a given goto, there cannot be more that ngotos (number of gotos)
images. But we manipulate the set of images of a goto as a list,
without checking that an image was not already introduced. So we can
"register" way more images than ngotos, leading to a crash (heap
buffer overflow).
Reported by wcventure.
http://lists.gnu.org/archive/html/bug-bison/2019-03/msg00007.html
For the records, this bug is present in the first committed version of
Bison.
* src/lalr.c (build_relations): Don't insert the same goto several
times.
* tests/sets.at (Build Relations): New.
Diffstat (limited to '.x-sc_unmarked_diagnostics')
0 files changed, 0 insertions, 0 deletions