When parsing key pairs, if the '=' character fell at max_token,
a protective INSIST preventing buffer overrun could be triggered.
Attempt to grow the buffer immediately before the INSIST.
Also removed an unnecessary INSIST on the opening double quote
of a key buffer pair.
(cherry picked from commit
4c356d277002d3e2f60fe43aaa85a4d524d933f8)
case lexstate_string:
if (!escaped && c == '=' &&
(options & ISC_LEXOPT_VPAIR) != 0) {
+ if (remaining == 0U) {
+ result = grow_data(lex, &remaining,
+ &curr, &prev);
+ if (result != ISC_R_SUCCESS) {
+ goto done;
+ }
+ }
INSIST(remaining > 0U);
*curr++ = c;
*curr = '\0';
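Review bot: The `INSIST(remaining > 0U)` kept after the new `grow_data()` call in the `lexstate_string` branch only accounts for the byte stored by `*curr++ = c;`, while the following `*curr = '\0';` writes one position further. Nothing visible in the hunk shows that the buffer always keeps a spare byte beyond `remaining` for that terminator. If that is how the buffer is sized, a comment above the INSIST should state it, for example `/* 'remaining' excludes the byte reserved for the trailing NUL, so the terminator below always fits */`. Because the failure being fixed is an assertion that the parsed text itself can trip, a regression test that places the '=' exactly at the max_token boundary with ISC_LEXOPT_VPAIR set would pin the new behaviour; none is visible on this page. The branch continues past the end of the hunk.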
if (state == lexstate_vpairstart) {
if (c == '"' &&
(options & ISC_LEXOPT_QVPAIR) != 0) {
- INSIST(remaining > 0U);
no_comments = true;
state = lexstate_qvpair;
break;