30 lines
1012 B
Diff
30 lines
1012 B
Diff
|
From 7173baee93fed1c0a20bb02350c22ab219e4654b Mon Sep 17 00:00:00 2001
|
||
|
|
From: "D. Richard Hipp" <drh@hwaci.com>
|
||
|
|
Date: Sun, 1 Jul 2018 16:05:40 +0000
|
||
|
|
Subject: [PATCH 0123/1009] Quick patch to the Lemon parser template to avoid
|
||
|
|
an array overread reported by OSSFuzz. A proper fix involves enhancements to
|
||
|
|
the table generators in Lemon to make the overread impossible. That fix will
|
||
|
|
take longer to implement. The current check-in is a stop-gap.
|
||
|
|
|
||
|
|
From https://github.com/mackyle/sqlite/commit/7173baee93fed1c0a20bb02350c22ab219e4654b
|
||
|
|
|
||
|
|
---
|
||
|
|
tool/lempar.c | 1 +
|
||
|
|
1 file changed, 1 insertion(+)
|
||
|
|
|
||
|
|
diff --git a/tool/lempar.c b/tool/lempar.c
|
||
|
|
index 450dcde..e19aba4 100644
|
||
|
|
--- a/tool/lempar.c
|
||
|
|
+++ b/tool/lempar.c
|
||
|
|
@@ -550,6 +550,7 @@ static YYACTIONTYPE yy_find_shift_action(
|
||
|
|
#if YY_SHIFT_MAX+YYWILDCARD>=YY_ACTTAB_COUNT
|
||
|
|
j<YY_ACTTAB_COUNT &&
|
||
|
|
#endif
|
||
|
|
+ j<sizeof(yy_lookahead)/sizeof(yy_lookahead[0]) &&
|
||
|
|
yy_lookahead[j]==YYWILDCARD && iLookAhead>0
|
||
|
|
){
|
||
|
|
#ifndef NDEBUG
|
||
|
|
--
|
||
|
|
1.8.3.1
|
||
|
|
|