From 00335e43ef59194152aa0e81e253e7ccdba29ff2 Mon Sep 17 00:00:00 2001
From: "H. Peter Anvin (Intel)"
Date: Sun, 14 Jun 2020 19:49:19 -0700
Subject: preproc.c: make extra sure tokens are always null-terminated
In tok_set_text() and tok_set_text_free(), don't trust that the caller has given us a zero-terminated string.
Signed-off-by: H. Peter Anvin (Intel)
---
 asm/preproc.c | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)
diff --git a/asm/preproc.c b/asm/preproc.c
index 53136abd..663e066b 100644
--- a/asm/preproc.c
+++ b/asm/preproc.c
@@ -370,12 +370,13 @@ static Token *set_text(struct Token *t, const char *text, size_t len)
 if (t->len > INLINE_TEXT) nasm_free(t->text.p.ptr);
- nasm_zero(t->text.a);
+ nasm_zero(t->text);
- t->len = tok_check_len(len);
+ t->len = len = tok_check_len(len);
 textp = (len > INLINE_TEXT) ? (t->text.p.ptr = nasm_malloc(len+1)) : t->text.a;
- memcpy(textp, text, len+1);
+ memcpy(textp, text, len);
+ textp[len] = '\0';
 return t;
 }
@@ -383,18 +384,20 @@ static Token *set_text(struct Token *t, const char *text, size_t len)
 * Set the text field to the existing pre-allocated string, either
 * taking over or freeing the allocation in the process.
 */
-static Token *set_text_free(struct Token *t, char *text, unsigned int len)
+static Token *set_text_free(struct Token *t, char *text, size_t len)
 {
 if (t->len > INLINE_TEXT) nasm_free(t->text.p.ptr);
- nasm_zero(t->text.a);
+ nasm_zero(t->text);
- t->len = tok_check_len(len);
+ t->len = len = tok_check_len(len);
 if (len > INLINE_TEXT) {
 t->text.p.ptr = text;
+ text[len] = '\0';
 } else {
- memcpy(t->text.a, text, len+1);
+ memcpy(t->text.a, text, len);
+ t->text.a[len] = '\0';
 nasm_free(text);
 }
--
cgit v1.2.1
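Review bot: In set_text() the token's old storage is released by `nasm_free(t->text.p.ptr)` and all of `t->text` is now cleared by `nasm_zero(t->text)` before `memcpy(textp, text, len)` runs, so a `text` argument that points into the token's own current text would be read after it was freed or zeroed. No caller is visible here, so this may never occur, but the precondition is worth stating above the function: `/* text must not point into t's current text; that storage is released before the copy */`. The same free-then-use ordering applies to set_text_free() in the next hunk. The start of set_text()'s body is outside this hunk.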
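Review bot: The new `text[len] = '\0';` in the takeover branch of set_text_free() stores into the caller's allocation at index `len`, which is only in bounds when that buffer holds at least len+1 bytes. A caller that hands over an unterminated buffer of exactly `len` bytes, which is the case the commit message says is no longer trusted, would turn the old one-byte over-read into a one-byte heap write past the end. The header comment should carry the requirement, for example by adding the line ` * The allocation must be at least len+1 bytes; text[len] is overwritten with NUL.` The index used is the value returned by tok_check_len(), whose behaviour is not visible in this hunk, and the function's closing lines are also outside it.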