Fix buffer overrun processing macro definitions

Fix potential buffer overrun (__first iterator becomes > __last and starts processing garbage) when parsing macro definitions that would occur if a macro definition ends in a comment. This would cause the macro definition to contain incorrect content or even outright garbage (i.e. random memory) if the trailing comment is at the end of the file, as in boost/type_traits/detail/type_trait_def.hpp. In this worst case, the macro expansion could contain a NUL byte which would cause parsing to prematurely halt at the point of expansion. Change-Id: I94ded39d9a20dc9510d827bc18adb2dc1bad17f0 Reviewed-by: John Cummings <jcummings2@users.sf.net>
author: Matthew Woehlke <matthew.woehlke@kitware.com> 2013-10-15 11:38:02 -0400
committer: John Cummings <jcummings2@users.sf.net> 2013-10-15 21:07:43 +0200
commit: 2f8abc0c22539e96b1158e283f4da97acfbe98f8 (patch)
tree: 5dd688b108be47adb2b683c9c3f1ec11bfa8278a /ApiExtractor
parent: 1bc255c4b5f8ac2d71d0aa91b3a063c3f8978a8f (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/ApiExtractor/parser/rpp/pp-engine-bits.h b/ApiExtractor/parser/rpp/pp-engine-bits.h
index 5552b162b..a15059e2d 100644
--- a/ApiExtractor/parser/rpp/pp-engine-bits.h
+++ b/ApiExtractor/parser/rpp/pp-engine-bits.h
@@ -623,6 +623,8 @@ _InputIterator pp::handle_define(_InputIterator __first, _InputIterator __last)
             } else {
                 __first = skip_comment_or_divop(__first, __last);
                 env.current_line += skip_comment_or_divop.lines;
+                if (__first == __last)
+                    break;
             }
         }
author	Matthew Woehlke <matthew.woehlke@kitware.com>	2013-10-15 11:38:02 -0400
committer	John Cummings <jcummings2@users.sf.net>	2013-10-15 21:07:43 +0200
commit	2f8abc0c22539e96b1158e283f4da97acfbe98f8 (patch)
tree	5dd688b108be47adb2b683c9c3f1ec11bfa8278a /ApiExtractor
parent	1bc255c4b5f8ac2d71d0aa91b3a063c3f8978a8f (diff)