Fix 3 parser bugs, details later. Code now. Untested, compiles.
Signed-off-by: Carl-Daniel Hailfinger c-d.hailfinger.devel.2006@gmx.net
Index: flashrom-parserbugs/layout.c =================================================================== --- flashrom-parserbugs/layout.c (Revision 1750) +++ flashrom-parserbugs/layout.c (Arbeitskopie) @@ -60,30 +60,33 @@ }
while (!feof(romlayout)) { - char *tstr1, *tstr2; + char *tstr1, *tstr2, *tstr3, *tstr4;
if (num_rom_entries >= MAX_ROMLAYOUT) { msg_gerr("Maximum number of ROM images (%i) in layout " "file reached.\n", MAX_ROMLAYOUT); + fclose(romlayout); return 1; } - if (2 != fscanf(romlayout, "%s %s\n", tempstr, rom_entries[num_rom_entries].name)) - continue; -#if 0 - // fscanf does not like arbitrary comments like that :( later - if (tempstr[0] == '#') { - continue; + if (!fgets(tempstr, 256, romlayout)) { + printf("Failing fgets without EOF should not happen!\n"); + break; } -#endif + tstr1 = strtok(tempstr, ":"); - tstr2 = strtok(NULL, ":"); - if (!tstr1 || !tstr2) { - msg_gerr("Error parsing layout file. Offending string: "%s"\n", tempstr); + tstr2 = strtok(NULL, " \t"); + tstr3 = strtok(NULL, " \t\r\n"); + tstr4 = strtok(NULL, " \t\r\n"); + if (!tstr1 || !tstr2 || !tstr3 || tstr4) { + msg_gerr("Error parsing layout file. Offending string after parsing: "%s:%s %s%s"\n", tstr1 ? : "(null)", tstr2 ? : "(null)", tstr3 ? : "(null)", tstr4 ? "trailing garbage" : ""); fclose(romlayout); - return 1; + return 2; } + printf("strlen(tempstr)=%lu, strlen(name)=%lu\n", strlen(tempstr), strlen(rom_entries[num_rom_entries].name)); rom_entries[num_rom_entries].start = strtol(tstr1, (char **)NULL, 16); rom_entries[num_rom_entries].end = strtol(tstr2, (char **)NULL, 16); + /* strcpy is actually safe here because tstr3 is shorter than 256 bytes because strlen(tempstr)<256. */ + strcpy(rom_entries[num_rom_entries].name, tstr3); rom_entries[num_rom_entries].included = 0; num_rom_entries++; }