Merge pull request #243 from sysprog21/fixes

Correctness fixes

Author: jserv

src/globals.c

@@ -420,10 +420,8 @@ hashmap_node_t *hashmap_node_new(char *key, void *val)
     }
 
     node->key = arena_alloc(HASHMAP_ARENA, len + 1);
-
     if (!node->key) {
         printf("Failed to allocate hashmap_node_t key with size %d\n", len + 1);
-        free(node);
         return NULL;
     }
 

src/lexer.c

@@ -277,6 +277,8 @@ token_t lex_token_internal(bool aliasing)
         int i = 0;
 
         do {
+            if (i >= MAX_TOKEN_LEN - 1)
+                error("Token too long");
             token_str[i++] = next_char;
         } while (is_alnum(read_char(false)));
         token_str[i] = 0;
@@ -328,30 +330,40 @@ token_t lex_token_internal(bool aliasing)
 
     if (is_digit(next_char)) {
         int i = 0;
+        if (i >= MAX_TOKEN_LEN - 1)
+            error("Token too long");
         token_str[i++] = next_char;
         read_char(false);
 
         if (token_str[0] == '0' && ((next_char | 32) == 'x')) {
             /* Hexadecimal: starts with 0x or 0X */
+            if (i >= MAX_TOKEN_LEN - 1)
+                error("Token too long");
             token_str[i++] = next_char;
 
             read_char(false);
             if (!is_hex(next_char))
                 error("Invalid hex literal: expected hex digit after 0x");
 
             do {
+                if (i >= MAX_TOKEN_LEN - 1)
+                    error("Token too long");
                 token_str[i++] = next_char;
             } while (is_hex(read_char(false)));
 
         } else if (token_str[0] == '0' && ((next_char | 32) == 'b')) {
             /* Binary: starts with 0b or 0B */
+            if (i >= MAX_TOKEN_LEN - 1)
+                error("Token too long");
             token_str[i++] = next_char;
 
             read_char(false);
             if (next_char != '0' && next_char != '1')
                 error("Invalid binary literal: expected 0 or 1 after 0b");
 
             do {
+                if (i >= MAX_TOKEN_LEN - 1)
+                    error("Token too long");
                 token_str[i++] = next_char;
                 read_char(false);
             } while (next_char == '0' || next_char == '1');
@@ -361,13 +373,17 @@ token_t lex_token_internal(bool aliasing)
             while (is_digit(next_char)) {
                 if (next_char >= '8')
                     error("Invalid octal digit: must be in range 0-7");
+                if (i >= MAX_TOKEN_LEN - 1)
+                    error("Token too long");
                 token_str[i++] = next_char;
                 read_char(false);
             }
 
         } else {
             /* Decimal */
             while (is_digit(next_char)) {
+                if (i >= MAX_TOKEN_LEN - 1)
+                    error("Token too long");
                 token_str[i++] = next_char;
                 read_char(false);
             }
@@ -492,6 +508,8 @@ token_t lex_token_internal(bool aliasing)
                     token_str[i - 1] = next_char;
                 }
             } else {
+                if (i >= MAX_TOKEN_LEN - 1)
+                    error("String literal too long");
                 token_str[i++] = next_char;
             }
             if (next_char == '\\')
@@ -744,6 +762,8 @@ token_t lex_token_internal(bool aliasing)
         char *alias;
         int i = 0;
         do {
+            if (i >= MAX_TOKEN_LEN - 1)
+                error("Token too long");
             token_str[i++] = next_char;
         } while (is_alnum(read_char(false)));
         token_str[i] = 0;

tests/driver.sh

@@ -3659,6 +3659,21 @@ int main() {
 }
 EOF
 
+# String literal and escape coverage (additional)
+try_output 0 "AZ" << 'EOF'
+int main() {
+    printf("%s", "\\x41Z"); /* hex escape then normal char */
+    return 0;
+}
+EOF
+
+try_output 0 "AZ" << 'EOF'
+int main() {
+    printf("%s", "A\\132"); /* octal escape for 'Z' */
+    return 0;
+}
+EOF
+
 # Cast zero value
 try_ 0 << EOF
 int main() {