The buffer "buf" will be reused for other strings. If we pass the
pointer to it to other code, it might later access free'd memory using
that pointer.
---
gettext-tools/src/po-lex.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/gettext-tools/src/po-lex.c b/gettext-tools/src/po-lex.c
index 3bf5449..9b9704a 100644
--- a/gettext-tools/src/po-lex.c
+++ b/gettext-tools/src/po-lex.c
@@ -945,7 +945,7 @@ po_gram_lex ()
}
buf[bufpos] = '\0';
- po_gram_lval.string.string = buf;
+ po_gram_lval.string.string = xstrdup (buf);
po_gram_lval.string.pos = gram_pos;
po_gram_lval.string.obsolete = po_lex_obsolete;
po_lex_obsolete = false;
--
1.8.1.5
