From: John Kessenich Date: Mon, 10 Jun 2013 07:36:26 +0000 (+0000) Subject: A round of increasing robustness against buffer overruns. X-Git-Tag: upstream/0.1~993 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=00f605b9300bba7c4b32203c7f8c57c6967adf19;p=platform%2Fupstream%2Fglslang.git A round of increasing robustness against buffer overruns. git-svn-id: https://cvs.khronos.org/svn/repos/ogl/trunk/ecosystem/public/sdk/tools/glslang@21917 e7fa87d3-cd2b-0410-9028-fcbf551c1848 --- diff --git a/Test/testlist b/Test/testlist index 355ce8e..db8abda 100644 --- a/Test/testlist +++ b/Test/testlist @@ -1,4 +1,4 @@ -sample.frag +.rsample.frag sample.vert specExamples.frag specExamples.vert @@ -36,3 +36,4 @@ errors.frag forwardRef.frag uint.frag switch.frag +tokenLength.vert diff --git a/Test/tokenLength.vert b/Test/tokenLength.vert new file mode 100644 index 0000000..57e3b7f --- /dev/null +++ b/Test/tokenLength.vert @@ -0,0 +1,36 @@ +#version 300 es + +// 1023 characters +in float BCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789; + +// 1024 characters (okay) +in float ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789; + +int E1 = 5000000000; // ERROR +int E2 = 50000000000; // ERROR +int B = 4294967295; // okay + +int OE = 0777777777777777777777; // ERROR +int HE = 0x1234567890ABCDEF0; // ERROR + +// 1023 character fraction +float F = 1.012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012; + +// 1024 character value +float G = 1.0123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890; + +// 1027 character fraction +float E3 = 1.01234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234; + +void main() +{ + gl_Position = vec4(ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789, + B, F, G); +} + +// super long +floatint superH = 0xint superint superI = 429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295429496729542949672954294967295; +float superF = 1.012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890121234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901212345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012; diff --git a/glslang/Include/Common.h b/glslang/Include/Common.h index a2eb83f..dd74232 100644 --- a/glslang/Include/Common.h +++ b/glslang/Include/Common.h @@ -185,4 +185,6 @@ __inline TPersistString FormatSourceLoc(const TSourceLoc loc) typedef TMap TPragmaTable; typedef TMap::tAllocator TPragmaTableAllocator; +const int GlslangMaxTokenLength = 1024; + #endif // _COMMON_INCLUDED_ diff --git a/glslang/Include/Types.h b/glslang/Include/Types.h index 2466a7e..02f991b 100644 --- a/glslang/Include/Types.h +++ b/glslang/Include/Types.h @@ -40,6 +40,8 @@ #include "../Include/Common.h" #include "../Include/BaseTypes.h" +const int GlslangMaxTypeLength = 200; + // // Details within a sampler type // @@ -602,7 +604,7 @@ public: TString getCompleteString() const { - const int maxSize = 200; + const int maxSize = GlslangMaxTypeLength; char buf[maxSize]; char *p = &buf[0]; char *end = &buf[maxSize]; diff --git a/glslang/MachineIndependent/ParseHelper.cpp b/glslang/MachineIndependent/ParseHelper.cpp index 0e39ca8..36585e8 100644 --- a/glslang/MachineIndependent/ParseHelper.cpp +++ b/glslang/MachineIndependent/ParseHelper.cpp @@ -205,7 +205,7 @@ void TParseContext::recover() void C_DECL TParseContext::error(TSourceLoc nLine, const char *szReason, const char *szToken, const char *szExtraInfoFormat, ...) { - const int maxSize = 400; + const int maxSize = GlslangMaxTokenLength + 200; char szExtraInfo[maxSize]; va_list marker; diff --git a/glslang/MachineIndependent/SymbolTable.cpp b/glslang/MachineIndependent/SymbolTable.cpp index 64a13c5..3b222f6 100644 --- a/glslang/MachineIndependent/SymbolTable.cpp +++ b/glslang/MachineIndependent/SymbolTable.cpp @@ -105,7 +105,7 @@ void TType::buildMangledName(TString& mangledName) } if (arraySizes) { - const int maxSize = 10; + const int maxSize = 11; char buf[maxSize]; snprintf(buf, maxSize, "%d", arraySizes->front()); mangledName += '['; diff --git a/glslang/MachineIndependent/intermOut.cpp b/glslang/MachineIndependent/intermOut.cpp index 980f108..f442a60 100644 --- a/glslang/MachineIndependent/intermOut.cpp +++ b/glslang/MachineIndependent/intermOut.cpp @@ -84,7 +84,7 @@ void OutputSymbol(TIntermSymbol* node, TIntermTraverser* it) OutputTreeText(oit->infoSink, node, oit->depth); - const int maxSize = 100; + const int maxSize = GlslangMaxTypeLength + GlslangMaxTokenLength; char buf[maxSize]; snprintf(buf, maxSize, "'%s' (%s)\n", node->getSymbol().c_str(), diff --git a/glslang/MachineIndependent/parseConst.cpp b/glslang/MachineIndependent/parseConst.cpp index df6d1e7..a5b0bdf 100644 --- a/glslang/MachineIndependent/parseConst.cpp +++ b/glslang/MachineIndependent/parseConst.cpp @@ -81,7 +81,7 @@ bool ParseBinary(bool /* preVisit */, TIntermBinary* node, TIntermTraverser* it) TStorageQualifier qualifier = node->getType().getQualifier().storage; if (qualifier != EvqConst) { - const int maxSize = 200; + const int maxSize = GlslangMaxTypeLength + 50; char buf[maxSize]; snprintf(buf, maxSize, "'constructor' : assigning non-constant to %s", oit->type.getCompleteString().c_str()); oit->infoSink.info.message(EPrefixError, buf, node->getLine()); @@ -99,7 +99,7 @@ bool ParseUnary(bool /* preVisit */, TIntermUnary* node, TIntermTraverser* it) { TConstTraverser* oit = static_cast(it); - const int maxSize = 200; + const int maxSize = GlslangMaxTypeLength + 50; char buf[maxSize]; snprintf(buf, maxSize, "'constructor' : assigning non-constant to '%s'", oit->type.getCompleteString().c_str()); oit->infoSink.info.message(EPrefixError, buf, node->getLine()); @@ -113,7 +113,7 @@ bool ParseAggregate(bool /* preVisit */, TIntermAggregate* node, TIntermTraverse TConstTraverser* oit = static_cast(it); if (!node->isConstructor() && node->getOp() != EOpComma) { - const int maxSize = 200; + const int maxSize = GlslangMaxTypeLength + 50; char buf[maxSize]; snprintf(buf, maxSize, "'constructor' : assigning non-constant to '%s'", oit->type.getCompleteString().c_str()); oit->infoSink.info.message(EPrefixError, buf, node->getLine()); diff --git a/glslang/MachineIndependent/preprocessor/scanner.c b/glslang/MachineIndependent/preprocessor/scanner.c index 3c30c11..039742a 100644 --- a/glslang/MachineIndependent/preprocessor/scanner.c +++ b/glslang/MachineIndependent/preprocessor/scanner.c @@ -268,7 +268,7 @@ static int lFloatConst(char *str, int len, int ch, yystypepp * yylvalpp) if (ch == 'e' || ch == 'E') { if (len >= MAX_SYMBOL_NAME_LEN) { - ShPpErrorToInfoLog("floating-point literal too long"); + ShPpErrorToInfoLog("floating-point literal too long"); len = 1,str_len=1; } else { ExpSign = 1; @@ -311,11 +311,11 @@ static int lFloatConst(char *str, int len, int ch, yystypepp * yylvalpp) cpp->currentInput->ungetch(cpp->currentInput, ch2, yylvalpp); cpp->currentInput->ungetch(cpp->currentInput, ch, yylvalpp); } else { - if (len < MAX_SYMBOL_NAME_LEN-1) { + if (len < MAX_SYMBOL_NAME_LEN) { str[len++] = ch; str[len++] = ch2; } else { - ShPpErrorToInfoLog("floating-point literal too long"); + ShPpErrorToInfoLog("floating-point literal too long"); len = 1,str_len=1; } } @@ -348,7 +348,7 @@ static int byte_scan(InputSrc *in, yystypepp * yylvalpp) { char symbol_name[MAX_SYMBOL_NAME_LEN + 1]; char string_val[MAX_STRING_LEN + 1]; - int AlreadyComplained; + int AlreadyComplained = 0; int len, ch, ii; unsigned ival = 0; @@ -387,14 +387,15 @@ static int byte_scan(InputSrc *in, yystypepp * yylvalpp) len++; ch = cpp->currentInput->getch(cpp->currentInput, yylvalpp); } else { - ch = cpp->currentInput->getch(cpp->currentInput, yylvalpp); + ShPpErrorToInfoLog("name too long"); + break; } } while ((ch >= 'a' && ch <= 'z') || (ch >= 'A' && ch <= 'Z') || (ch >= '0' && ch <= '9') || ch == '_'); - if (len >= MAX_SYMBOL_NAME_LEN) - len = MAX_SYMBOL_NAME_LEN - 1; + if (len > MAX_SYMBOL_NAME_LEN) + len = MAX_SYMBOL_NAME_LEN; symbol_name[len] = '\0'; cpp->currentInput->ungetch(cpp->currentInput, ch, yylvalpp); yylvalpp->sc_ident = LookUpAddString(atable, symbol_name); @@ -410,23 +411,26 @@ static int byte_scan(InputSrc *in, yystypepp * yylvalpp) (ch >= 'A' && ch <= 'F') || (ch >= 'a' && ch <= 'f')) { - AlreadyComplained = 0; ival = 0; do { + if (len >= MAX_SYMBOL_NAME_LEN) + break; yylvalpp->symbol_name[len++] = ch; if (ival <= 0x0fffffff) { if (ch >= '0' && ch <= '9') { ii = ch - '0'; } else if (ch >= 'A' && ch <= 'F') { ii = ch - 'A' + 10; - } else { + } else if (ch >= 'a' && ch <= 'f') { ii = ch - 'a' + 10; - } + } else + ShPpErrorToInfoLog("bad digit in hexidecimal literal"); ival = (ival << 4) | ii; } else { - if (!AlreadyComplained) + if (! AlreadyComplained) { ShPpErrorToInfoLog("hexidecimal literal too long"); - AlreadyComplained = 1; + AlreadyComplained = 1; + } } ch = cpp->currentInput->getch(cpp->currentInput, yylvalpp); } while ((ch >= '0' && ch <= '9') || @@ -441,19 +445,22 @@ static int byte_scan(InputSrc *in, yystypepp * yylvalpp) cpp->currentInput->ungetch(cpp->currentInput, ch, yylvalpp); yylvalpp->symbol_name[len] = '\0'; yylvalpp->sc_int = (int)ival; + return CPP_INTCONSTANT; } else if (ch >= '0' && ch <= '7') { // octal integer constants - AlreadyComplained = 0; ival = 0; do { + if (len >= MAX_SYMBOL_NAME_LEN) + break; yylvalpp->symbol_name[len++] = ch; if (ival <= 0x1fffffff) { ii = ch - '0'; ival = (ival << 3) | ii; } else { - if (!AlreadyComplained) - ShPpErrorToInfoLog("octal literal too long"); - AlreadyComplained = 1; + if (!AlreadyComplained) { + ShPpErrorToInfoLog("octal literal too long"); + AlreadyComplained = 1; + } } ch = cpp->currentInput->getch(cpp->currentInput, yylvalpp); } while (ch >= '0' && ch <= '7'); @@ -462,6 +469,7 @@ static int byte_scan(InputSrc *in, yystypepp * yylvalpp) yylvalpp->symbol_name[len] = '\0'; cpp->currentInput->ungetch(cpp->currentInput, ch, yylvalpp); yylvalpp->sc_int = (int)ival; + return CPP_INTCONSTANT; } else { cpp->currentInput->ungetch(cpp->currentInput, ch, yylvalpp); @@ -477,6 +485,9 @@ static int byte_scan(InputSrc *in, yystypepp * yylvalpp) len++; } ch = cpp->currentInput->getch(cpp->currentInput, yylvalpp); + } else { + ShPpErrorToInfoLog("token too long"); + break; } } while (ch >= '0' && ch <= '9'); if (ch == '.' || ch == 'e' || ch == 'f' || ch == 'h' || ch == 'x'|| ch == 'E' || ch == 'F' || ch == 'l' || ch == 'L') { @@ -491,13 +502,13 @@ static int byte_scan(InputSrc *in, yystypepp * yylvalpp) yylvalpp->symbol_name[len] = '\0'; ival = 0; - AlreadyComplained = 0; for (ii = 0; ii < numericLen; ii++) { ch = yylvalpp->symbol_name[ii] - '0'; if ((ival > 429496729) || (ival == 429496729 && ch >= 6)) { - if (! AlreadyComplained) + if (! AlreadyComplained) { ShPpErrorToInfoLog("integral literal too long"); - AlreadyComplained = 1; + AlreadyComplained = 1; + } } ival = ival * 10 + ch; } @@ -711,7 +722,8 @@ static int byte_scan(InputSrc *in, yystypepp * yylvalpp) string_val[len] = ch; len++; ch = cpp->currentInput->getch(cpp->currentInput, yylvalpp); - } + } else + break; }; string_val[len] = '\0'; if (ch == '"') { diff --git a/glslang/MachineIndependent/preprocessor/scanner.h b/glslang/MachineIndependent/preprocessor/scanner.h index 08f6307..0c90b44 100644 --- a/glslang/MachineIndependent/preprocessor/scanner.h +++ b/glslang/MachineIndependent/preprocessor/scanner.h @@ -81,8 +81,8 @@ NVIDIA HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. #if !defined(__SCANNER_H) #define __SCANNER_H 1 -#define MAX_SYMBOL_NAME_LEN 128 -#define MAX_STRING_LEN 512 +#define MAX_SYMBOL_NAME_LEN 1025 +#define MAX_STRING_LEN 1025 #include "parser.h" diff --git a/glslang/MachineIndependent/preprocessor/tokens.c b/glslang/MachineIndependent/preprocessor/tokens.c index 316b9ce..8677713 100644 --- a/glslang/MachineIndependent/preprocessor/tokens.c +++ b/glslang/MachineIndependent/preprocessor/tokens.c @@ -316,6 +316,9 @@ int ReadToken(TokenStream *pTok, yystypepp * yylvalpp) symbol_name[len] = ch; len++; ch = lReadByte(pTok); + } else { + ShPpErrorToInfoLog("token too long"); + break; } } symbol_name[len] = '\0'; @@ -325,9 +328,13 @@ int ReadToken(TokenStream *pTok, yystypepp * yylvalpp) break; case CPP_STRCONSTANT: len = 0; - while ((ch = lReadByte(pTok)) != 0) + while ((ch = lReadByte(pTok)) != 0) { if (len < MAX_STRING_LEN) string_val[len++] = ch; + else + break; + } + string_val[len] = 0; yylvalpp->sc_ident = LookUpAddString(atable, string_val); break; @@ -340,6 +347,9 @@ int ReadToken(TokenStream *pTok, yystypepp * yylvalpp) symbol_name[len] = ch; len++; ch = lReadByte(pTok); + } else { + ShPpErrorToInfoLog("token too long"); + break; } } symbol_name[len] = '\0'; @@ -356,6 +366,9 @@ int ReadToken(TokenStream *pTok, yystypepp * yylvalpp) symbol_name[len] = ch; len++; ch = lReadByte(pTok); + } else { + ShPpErrorToInfoLog("token too long"); + break; } } symbol_name[len] = '\0'; @@ -443,7 +456,7 @@ void UngetToken(int token, yystypepp * yylvalpp) { void DumpTokenStream(FILE *fp, TokenStream *s, yystypepp * yylvalpp) { int token; - const int maxSize = 100; + const int maxSize = MAX_SYMBOL_NAME_LEN + 5; char str[100]; if (fp == 0) fp = stdout;