Fix #213: Fix gas-preproc misuse of strcpy() and uninitialized variables.
- strcpy() was being used with overlapping memory ranges; switched to memmove().
- bline->line_number was not set in one location.
Exact causes identified using valgrind.
svn path=/trunk/yasm/; revision=2348
diff --git a/modules/preprocs/gas/gas-preproc.c b/modules/preprocs/gas/gas-preproc.c
index bbdd499..86060d7 100644
--- a/modules/preprocs/gas/gas-preproc.c
+++ b/modules/preprocs/gas/gas-preproc.c
@@ -792,7 +792,7 @@
memcpy(line + cursor - len, value, value_length);
} else {
memcpy(line + cursor - len, value, value_length);
- strcpy(line + cursor - len + value_length, line + cursor);
+ memmove(line + cursor - len + value_length, line + cursor, strlen(line + cursor) + 1);
}
pp->expr_string = work = line;
pp->expr_string_cursor += delta;
@@ -806,6 +806,7 @@
}
bline->line = work + (pp->expr_string - work);
+ bline->line_number = -1;
pp->expr_string = NULL;
if (prev_bline) {
@@ -928,7 +929,7 @@
return;
}
- strcpy(cstart, cend + 2);
+ memmove(cstart, cend + 2, strlen(cend + 2) + 1);
pp->in_comment = FALSE;
cstart = strstr(cstart, "/*");
next = 2;
@@ -963,7 +964,7 @@
memcpy(line + cursor - len, value, value_length);
} else {
memcpy(line + cursor - len, value, value_length);
- strcpy(line + cursor - len + value_length, line + cursor);
+ memmove(line + cursor - len + value_length, line + cursor, strlen(line + cursor) + 1);
}
pp->expr_string = line;
pp->expr_string_cursor = cursor + delta;
