summaryrefslogtreecommitdiff
path: root/util
diff options
context:
space:
mode:
authorJacob Garber <jgarber1@ualberta.ca>2019-05-17 12:51:47 -0600
committerPatrick Georgi <pgeorgi@google.com>2019-05-21 09:28:36 +0000
commitae8301fddbb5c8456b738bbeab94b98ae3eb06b6 (patch)
treef48cc998cd39784ace4c109b37677dc887e0bec4 /util
parentb79d2dee2b2f294aac97dad849909d7bfb892c76 (diff)
util/romcc: Fix parsing of empty string literal
The corner case of an empty string literal was causing romcc to segfault. This checks if the literal is empty, and if so allocates a size one buffer for the terminating null character. A test case for this is added to ensure it doesn't happen again. Found-by: Coverity CID 1129099 Signed-off-by: Jacob Garber <jgarber1@ualberta.ca> Change-Id: I067160a3b9998184f44e4878ef6269f372fe68bb Reviewed-on: https://review.coreboot.org/c/coreboot/+/32852 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Diffstat (limited to 'util')
-rw-r--r--util/romcc/romcc.c9
-rw-r--r--util/romcc/tests/simple_test87.c4
2 files changed, 13 insertions, 0 deletions
diff --git a/util/romcc/romcc.c b/util/romcc/romcc.c
index bf0510a49f..b9ec835f6f 100644
--- a/util/romcc/romcc.c
+++ b/util/romcc/romcc.c
@@ -10782,6 +10782,15 @@ static struct triple *string_constant(struct compile_state *state)
} while(str < end);
type->elements = ptr - buf;
} while(peek(state) == TOK_LIT_STRING);
+
+ /* buf contains the allocated buffer for the string constant. However,
+ if buf is NULL, then the string constant is empty, but we still
+ need to allocate one byte for the null character. */
+ if (buf == NULL) {
+ buf = xmalloc(1, "string_constant");
+ ptr = buf;
+ }
+
*ptr = '\0';
type->elements += 1;
def = triple(state, OP_BLOBCONST, type, 0, 0);
diff --git a/util/romcc/tests/simple_test87.c b/util/romcc/tests/simple_test87.c
new file mode 100644
index 0000000000..6a1148c46a
--- /dev/null
+++ b/util/romcc/tests/simple_test87.c
@@ -0,0 +1,4 @@
+static void main(void)
+{
+ char *x = "";
+}