gbranden pushed a commit to branch master
in repository groff.

commit f3c220e6a84c24351abd0f6351abac2c7fabac16
Author: G. Branden Robinson <[email protected]>
AuthorDate: Tue Dec 23 19:54:31 2025 -0600

    [troff]: Use a bigger buffer for spec char descs.
    
    * src/roff/troff/input.cpp (token::is_usable_as_delimiter)
      (token::description): Double the size of the stack-allocated buffer we
      use to populate diagnostic messages about characters being unsuitable
      for use as delimiter, or unsuitable for use at all, respectively.  I'm
      thrilled about neither potentially truncating identifiers nor about
      grabbing a potentially unbounded amount of space from the stack, nor
      about leaking memory on the heap--there's no good place to free this
      memory because we return a `char` pointer to our caller.  Risking
      truncation seems the best of a bad set of choices.
    
    Before:
    
    $ printf '.pl \\[i-do-not-exist]u\n' | ./build/test-groff
    troff:<standard input>:1: error: ignoring invalid numeric expression 
starting with nonexistent special character or class 'i-do-n
    
    After:
    
    $ printf '.pl \\[i-do-not-exist]u\n' | ./build/test-groff
    troff:<standard input>:1: error: ignoring invalid numeric expression 
starting with nonexistent special character or class 'i-do-not-exist'
---
 ChangeLog                | 13 +++++++++++++
 src/roff/troff/input.cpp | 23 ++++++++++++++---------
 2 files changed, 27 insertions(+), 9 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 67581ab3a..6b334adfe 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,16 @@
+2025-12-23  G. Branden Robinson <[email protected]>
+
+       * src/roff/troff/input.cpp (token::is_usable_as_delimiter)
+       (token::description): Double the size of the stack-allocated
+       buffer we use to populate diagnostic messages about characters
+       being unsuitable for use as delimiter, or unsuitable for use at
+       all, respectively.  I'm thrilled about neither potentially
+       truncating identifiers nor about grabbing a potentially
+       unbounded amount of space from the stack, nor about leaking
+       memory on the heap--there's no good place to free this memory
+       because we return a `char` pointer to our caller.  Risking
+       truncation seems the best of a bad set of choices.
+
 2025-12-23  G. Branden Robinson <[email protected]>
 
        * src/roff/troff/input.cpp (token::description): Improve
diff --git a/src/roff/troff/input.cpp b/src/roff/troff/input.cpp
index 5000e8bf8..1f6a9734c 100644
--- a/src/roff/troff/input.cpp
+++ b/src/roff/troff/input.cpp
@@ -2945,9 +2945,11 @@ bool token::is_usable_as_delimiter(bool report_error,
   case TOKEN_NODE:
     if (report_error) {
       // Reserve a buffer large enough to handle the lengthiest case.
-      const size_t maxstr
-       = sizeof "space character horizontal motion node token";
-      const size_t bufsz = maxstr + 1; // for trailing '\0'
+      // See `token::description()`.
+      const size_t bufsz
+       = sizeof "space character horizontal motion node token"
+         + sizeof "bracketrighttp"
+         + 2 /* for trailing '"' and '\0' */;
       // C++03: char[bufsz]();
       static char buf[bufsz];
       (void) memset(buf, 0, bufsz);
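Review bot: The `bufsz` expression added here is a hand copy of the one in `token::description()`, linked only by the `See` comment, so the two sizes can drift apart the next time a longer description string is added. Hoisting it to one file-scope constant that both functions use, for example `static const size_t description_bufsz = sizeof "space character horizontal motion node token" + sizeof "bracketrighttp" + 2;`, would remove that risk. `buf` is declared `static`, so it sits in static storage rather than on the stack as the commit message describes, and each call overwrites the previous contents. The body of `is_usable_as_delimiter` continues outside the hunk.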
@@ -2972,17 +2974,20 @@ bool token::is_usable_as_delimiter(bool report_error,
 
 const char *token::description()
 {
-  // Reserve a buffer large enough to handle the lengthiest cases.
+  // Reserve a buffer large enough to handle the lengthiest cases.  The
+  // user can still contrive, by accident or otherwise, an arbitrarily
+  // long identifier.
   //   "character code XXX"
   //   "special character 'bracketrighttp'"
   //   "indexed character -2147483648"
   //   "space character horizontal motion node token"
+  //   "nonexistent special character or class"
   // Future:
   //   "character code XXX (U+XXXX)" or similar
-  const size_t maxstr
-    = sizeof "space character horizontal motion node token";
-  const size_t bufsz = maxstr + 2; // for trailing '"' and '\0'
-  // C++03: char[bufsz]();
+  const size_t bufsz
+    = sizeof "space character horizontal motion node token"
+      + sizeof "bracketrighttp"
+      + 2 /* for trailing '"' and '\0' */;
   static char buf[bufsz];
   (void) memset(buf, 0, bufsz);
   switch (type) {
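Review bot: The widened buffer in `token::description()` still truncates a long identifier silently, and as the commit's "Before" output shows, a truncated message loses its closing quote with nothing to tell the reader that text was cut. The calls that format the identifier are outside this hunk; if they use `snprintf` bounded by `bufsz`, the return value could be kept and tested with `if (n >= 0 && (size_t) n >= bufsz)`, and the tail of `buf` overwritten with a marker such as `...'`. The size comment could also be made accurate: each `sizeof` already counts its own `'\0'`, and the messages quote with `'` rather than `"`, so something like `/* slack for the closing quote; each sizeof already counts a '\0' */` describes the arithmetic better. The function body continues past the end of the hunk.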
@@ -3032,7 +3037,7 @@ const char *token::description()
       return buf;
     }
   case TOKEN_INDEXED_CHAR:
-    (void) snprintf(buf, maxstr, "indexed character %d",
+    (void) snprintf(buf, bufsz, "indexed character %d",
                    character_index());
     return buf;
   case TOKEN_RIGHT_BRACE:
