shithub: neatroff

Download patch

ref: 966ff9d486ae39e15691941f3174ed0962616ca4
parent: 3ca7606bfb3ba941944d8103f1012dce78820e4d
author: Ali Gholami Rudi <[email protected]>
date: Wed Dec 31 03:45:17 EST 2014

hyph: do not read more than GNLEN characters in hy_cget()

--- a/char.c
+++ b/char.c
@@ -185,7 +185,7 @@
 }
 
 /* read quoted arguments; this is called only for internal neatroff strings */
-void quotedread(char **sp, char *d)
+static void quotedread(char **sp, char *d)
 {
 	char *s = *sp;
 	int q = *s++;
--- a/hyph.c
+++ b/hyph.c
@@ -24,12 +24,12 @@
 	if (s[0] != '\\')
 		return utf8read(&s, d);
 	if (s[1] == '[') {
-		char *o = s;
+		int i = 0;
 		s += 2;
-		while (*s && *s != ']')
-			*d++ = *s++;
-		*d = '\0';
-		return s - o;
+		while (*s && *s != ']' && i < GNLEN - 1)
+			d[i++] = *s++;
+		d[i] = '\0';
+		return *s ? i + 3 : i + 2;
 	}
 	if (s[1] == '(') {
 		d[0] = s[2];
@@ -38,9 +38,13 @@
 		return 4;
 	}
 	if (s[1] == 'C') {
-		char *o = s;
-		quotedread(&s, d);
-		return s - o;
+		int i = 0;
+		int q = s[2];
+		s += 3;
+		while (*s && *s != q && i < GNLEN - 1)
+			d[i++] = *s++;
+		d[i] = '\0';
+		return *s ? i + 4 : i + 3;
 	}
 	d[0] = s[0];
 	d[1] = s[1];
@@ -157,16 +161,16 @@
 /* mark the hyphenation points of word in hyph */
 static void hy_dohyph(char *hyph, char *word, int flg)
 {
-	char n[WORDLEN] = {0};
-	char w[WORDLEN] = {0};
+	char w[WORDLEN] = {0};		/* cleaned-up word[]; "Abc" -> ".abc." */
+	char n[WORDLEN] = {0};		/* the hyphenation value for w[] */
 	int c[WORDLEN];			/* start of the i-th character in w */
 	int wmap[WORDLEN] = {0};	/* w[i] corresponds to word[wmap[i]] */
+	char ch[GNLEN];
 	int nc = 0;
 	int i, wlen;
 	hcode_strcpy(w, word, wmap, 1);
 	wlen = strlen(w);
-	char dum[GNLEN];
-	for (i = 0; i < wlen - 1; i += hy_cget(dum, w + i))
+	for (i = 0; i < wlen - 1; i += hy_cget(ch, w + i))
 		c[nc++] = i;
 	for (i = 0; i < nc - 1; i++)
 		hy_find(w + c[i], n + c[i]);
--- a/roff.h
+++ b/roff.h
@@ -396,7 +396,6 @@
 void charnext_str(char *d, char *c);
 void quotednext(char *d, int (*next)(void), void (*back)(int));
 void unquotednext(char *d, int cmd, int (*next)(void), void (*back)(int));
-void quotedread(char **sp, char *d);
 int escread(char **s, char *d);
 /* string streams; nested next()/back() interface for string buffers */
 void sstr_push(char *s);