From 45baf5846bb2134c857cf523ee7fa41cfd1c92b0 Mon Sep 17 00:00:00 2001
From: Matthias Andree <matthias.andree@gmx.de>
Date: Sun, 3 Jul 2005 23:58:53 +0000
Subject: The memory leak/static buffer fix in r4018 was bogus and did not
 properly detect the end of unescaped strings. Reported by Jakob Hirsch.

svn path=/trunk/; revision=4088
---
 rcfile_l.l | 19 ++++++++++++++-----
 1 file changed, 14 insertions(+), 5 deletions(-)

diff --git a/rcfile_l.l b/rcfile_l.l
index 7cd26d03..d82ed758 100644
--- a/rcfile_l.l
+++ b/rcfile_l.l
@@ -31,7 +31,7 @@ int prc_lineno = 1;
 %%
 
 \"[^\"]*\"	{
-			yytext[strlen(yytext)-1] = '\0';
+			yytext[yyleng-1] = '\0';
 			escapes(yytext+1, yytext);
 			yyleng = strlen(yytext);
 			yylval.sval = yytext;
@@ -39,7 +39,7 @@ int prc_lineno = 1;
 			return STRING;
 		}
 \'[^\']*\'	{
-			yytext[strlen(yytext)-1] = '\0';
+			yytext[yyleng-1] = '\0';
 			escapes(yytext+1, yytext);
 			yyleng = strlen(yytext);
 			yylval.sval = yytext;
@@ -50,9 +50,18 @@ int prc_lineno = 1;
 "*"		{ BEGIN(0); return WILDCARD; }
 
 <NAME>[^=;:, \t\r\n]+	{
-			escapes(yytext, yytext);
-			yyleng = strlen(yytext);
-			yylval.sval = yytext;
+			static char *in;
+			static size_t ins;
+
+			if (yyleng + 1 > ins) {
+			    ins = yyleng + 1;
+			    in = xrealloc(in, ins);
+			}
+			memcpy(in, yytext, yyleng);
+			in[yyleng] = '\0';
+			escapes(in, in);
+			yyleng = strlen(in);
+			yylval.sval = in;
                         SETSTATE(0);
 			return STRING;
 		}
-- 
cgit v1.2.3