On Mon, 7 Aug 2000, Randy Waki wrote: > I think I've discovered a dangling pointer bug in istack.c. > When PopInLine() in istack.c pops the stack, it fails to check > if lexer->insert is pointing past the new end of stack. This > can cause a subsequent call to InsertedToken() to dereference > the bogus lexer->insert. > > The fix is in the last if statement of PopInLine(), where the > stack is popped: if lexer->insert points past the end of the > stack, set it to null. (It's possible a similar check needs to > be performed just above, too.) Thanks for the bug fix and example code. Regards, -- Dave Raggett <dsr@w3.org> http://www.w3.org/People/Raggett tel/fax: +44 122 578 3011 (or 2521) +44 778 532 0444 (mobile) World Wide Web Consortium (on assignment from HP Labs)Received on Monday, 7 August 2000 11:13:24 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:37:48 GMT