Fix buffer overflow in parser

[xboard.git] / parser.c

diff --git a/parser.c b/parser.c
index e0b4ff4..8b1dc3f 100644 (file)
--- a/parser.c
+++ b/parser.c
@@ -174,6 +174,10 @@ NextUnit (char **p)
            if(fromString) return 0; // we are parsing string, so the end is really the end
            *p = inPtr = inputBuf;
            if(!ReadLine()) return 0; // EOF
+       } else if(inPtr > inputBuf + PARSEBUFSIZE/2) { // buffer fills up with already parsed stuff
+           char *q = *p, *r = inputBuf;
+           while(*r++ = *q++);
+           *p = inputBuf; inPtr = r - 1;
        }
        parseStart = oldp = *p; // remember where we begin
 
@@ -353,7 +357,7 @@ badMove:// we failed to find algebraic move
        }
 
        // ********* SAN Castings *************************************
-       if(**p == 'O' || **p == 'o' || **p == '0') {
+       if(**p == 'O' || **p == 'o' || **p == '0' && !Match("00:", p)) { // exclude 00 in time stamps
            int castlingType = 0;
            if(Match("O-O-O", p) || Match("o-o-o", p) || Match("0-0-0", p) ||
               Match("OOO", p) || Match("ooo", p) || Match("000", p)) castlingType = 2;
@@ -532,6 +536,8 @@ badMove:// we failed to find algebraic move
            return Nothing;
        }
 
+       // ********* Prevent 00 in unprotected time stamps to be mistaken for castling *******
+       if(Match(":00", p)) return Nothing;
 
        // ********* Could not match to anything. Return offending character ****
        (*p)++;