[metapost] segfault on incorrect input
Akira Kakuto
kakuto at w32tex.org
Sun May 2 05:13:35 CEST 2021
On 2021/05/01 23:45, luigi scarso wrote:
> ok, I check.
The present MetaPost seems to increase mp->stack_size without limit.
Therefore I think that segmentation fault occurs in this example.
As a test, I considered an attached mp.w.diff.
Then this example exits as follows:
! Missing `=' has been inserted.
<to be read again>
-
l.3 def a-
b = a-c enddef;
input stack overflow
Note that mp.w.diff is only a test, and it should not be
used.
Best,
Akira
-------------- next part --------------
--- mp.w.orig Sun Apr 11 10:11:50 2021
+++ mp.w Sun May 02 11:54:40 2021
@@ -18136,10 +18136,13 @@
@d push_input { /* enter a new input level, save the old */
if ( mp->input_ptr>mp->max_in_stack ) {
mp->max_in_stack=mp->input_ptr;
- if ( mp->input_ptr==mp->stack_size ) {
+ if ( mp->input_ptr==mp->stack_size && mp->stack_size < 301) {
int l = (mp->stack_size+(mp->stack_size/4));
XREALLOC(mp->input_stack, l, in_state_record);
mp->stack_size = l;
+ } else {
+ fprintf(stderr, "input stack overflow\n");
+ exit(1);
}
}
mp->input_stack[mp->input_ptr]=mp->cur_input; /* stack the record */
More information about the metapost
mailing list.