folkert/simh-testsetgenerator
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

ALTAIR: Avoid potential buffer overrun while parsing opcodes and arguments

Browse source
This commit is contained in:
Mark Pizzolato 2017-03-29 14:16:57 -07:00
parent d4a79a27b0
commit c2c1f04e8a
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
ALTAIR/altair_sys.c
View file

@ -252,9 +252,9 @@ if ((sw & SWMASK ('C')) || ((*cptr == '"') && cptr++)) { /* ASCII string? */
or numeric (including spaces). or numeric (including spaces).
*/ */
while (i < sizeof (gbuf)) { while (i < sizeof (gbuf) - 3) {
if (*cptr == ',' || *cptr == '\0' || if (*cptr == ',' || *cptr == '\0' ||
isdigit(*cptr)) sim_isdigit(*cptr))
break; break;
gbuf[i] = toupper(*cptr); gbuf[i] = toupper(*cptr);
cptr++; cptr++;
@ -294,7 +294,7 @@ for (j = 0; j < 256; j++) {
break; break;
} }
if (j > 255) /* not found */ if (j > 255) /* not found */
return SCPE_ARG; return sim_messagef (SCPE_ARG, "No such opcode: %s\n", gbuf);
val[0] = j; /* store opcode */ val[0] = j; /* store opcode */
if (oplen[j] < 2) /* if 1-byter we are done */ if (oplen[j] < 2) /* if 1-byter we are done */