Fix buffer overflow in parser

When a line ended with a comment, the parser had to read a line ahead
to check if there was a PGNresult following, without being able to
throw away the previous line yet. This could lead to buffer overflow
in a long game where every line ended in a comment. The buffer now is
cleansed of already parsed data when starting on a new syntactical unit.

diff --git a/parser.c b/parser.c
index 6da13d4..8b1dc3f 100644 (file)
--- a/parser.c
+++ b/parser.c
@@ -174,6 +174,10 @@ NextUnit (char **p)
            if(fromString) return 0; // we are parsing string, so the end is really the end
            *p = inPtr = inputBuf;
            if(!ReadLine()) return 0; // EOF
+       } else if(inPtr > inputBuf + PARSEBUFSIZE/2) { // buffer fills up with already parsed stuff
+           char *q = *p, *r = inputBuf;
+           while(*r++ = *q++);
+           *p = inputBuf; inPtr = r - 1;
        }
        parseStart = oldp = *p; // remember where we begin
 

diff --git a/winboard/config.h b/winboard/config.h
index 7b64b56..bd928ca 100644 (file)
--- a/winboard/config.h
+++ b/winboard/config.h
@@ -55,7 +55,7 @@
 #define PACKAGE_VERSION "4.7.2"\r
 \r
 /* Define the Windows-specific FILE version info.  this *MUST* be four comma separated 16-bit integers */\r
-#define PACKAGE_FILEVERSION 4,7,2013,0828\r
+#define PACKAGE_FILEVERSION 4,7,2013,828\r
 \r
 #define PTY_ITERATION\r
 \r