From: Justin Viiret <justin.viiret@intel.com>
Date: Fri, 3 Feb 2017 00:17:47 +0000 (+1100)
Subject: parser: check for std::out_of_range from stoul
X-Git-Tag: v4.5.0^2~247
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=084596bb5e24929380e7c3e645ed6ecb890e7a4d;p=thirdparty%2Fvectorscan.git

parser: check for std::out_of_range from stoul
---

diff --git a/src/parser/Parser.rl b/src/parser/Parser.rl
index ea8e88a9..6f4fd80a 100644
--- a/src/parser/Parser.rl
+++ b/src/parser/Parser.rl
@@ -974,7 +974,12 @@ unichar readUtf8CodePoint4c(const char *s) {
 
               '\\o{' [0-7]+ '}' => {
                   string oct(ts + 3, te - ts - 4);
-                  unsigned long val = stoul(oct, nullptr, 8);
+                  unsigned long val;
+                  try {
+                      val = stoul(oct, nullptr, 8);
+                  } catch (const std::out_of_range &) {
+                      val = MAX_UNICODE + 1;
+                  }
                   if ((!mode.utf8 && val > 255) || val > MAX_UNICODE) {
                       throw LocatedParseError("Value in \\o{...} sequence is too large");
                   }
@@ -999,7 +1004,12 @@ unichar readUtf8CodePoint4c(const char *s) {
               # Unicode Hex
               '\\x{' xdigit+ '}' => {
                   string hex(ts + 3, te - ts - 4);
-                  unsigned long val = stoul(hex, nullptr, 16);
+                  unsigned long val;
+                  try {
+                      val = stoul(hex, nullptr, 16);
+                  } catch (const std::out_of_range &) {
+                      val = MAX_UNICODE + 1;
+                  }
                   if (val > MAX_UNICODE) {
                       throw LocatedParseError("Value in \\x{...} sequence is too large");
                   }
@@ -1488,7 +1498,12 @@ unichar readUtf8CodePoint4c(const char *s) {
               };
               '\\o{' [0-7]+ '}' => {
                   string oct(ts + 3, te - ts - 4);
-                  unsigned long val = stoul(oct, nullptr, 8);
+                  unsigned long val;
+                  try {
+                      val = stoul(oct, nullptr, 8);
+                  } catch (const std::out_of_range &) {
+                      val = MAX_UNICODE + 1;
+                  }
                   if ((!mode.utf8 && val > 255) || val > MAX_UNICODE) {
                       throw LocatedParseError("Value in \\o{...} sequence is too large");
                   }
@@ -1505,7 +1520,12 @@ unichar readUtf8CodePoint4c(const char *s) {
               # Unicode Hex
               '\\x{' xdigit+ '}' => {
                   string hex(ts + 3, te - ts - 4);
-                  unsigned long val = stoul(hex, nullptr, 16);
+                  unsigned long val;
+                  try {
+                      val = stoul(hex, nullptr, 16);
+                  } catch (const std::out_of_range &) {
+                      val = MAX_UNICODE + 1;
+                  }
                   if (val > MAX_UNICODE) {
                       throw LocatedParseError("Value in \\x{...} sequence is too large");
                   }