Attempt to fix crashes caused by the AFL fuzzer

After inspecting the files used to crash it, I am pretty sure that at
least one source of crashing is receiving '\0' bytes from input (because
of inputting binary files), which is causing fgets() to not do what I
wanted (though it is doing the right thing). I replaced fgets() with a
loop and fgetc() instead.

This change also has another advantage: checking for binary files is not
in the lexer, but in bc_io_getline(), which will automatically stop the
loop in bc_stdin() without explicitly checking for the status
BC_STATUS_LEX_BIN_FILE.
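
The fgets() behaviour the commit message describes, as an added example that is not bc's own code: fgets() reads past a '\0' byte up to the newline but returns no length, so a caller that measures the line with strlen() sees it end at the NUL, while an fgetc() loop can reject the byte. The status names, helper functions and sample bytes are assumptions constructed for this illustration.

```c
#include <stdio.h>
#include <string.h>
/* Hypothetical status codes for this example; not bc's BC_STATUS_* enum. */
enum line_status { LINE_OK, LINE_EOF, LINE_BINARY, LINE_TOO_LONG };

/* Constructed sample: "1+", a NUL byte, then "2\n". */
static const unsigned char SAMPLE_BIN[] = { '1', '+', '\0', '2', '\n' };

/* Read one line with fgetc(); any NUL byte marks the input as binary. */
enum line_status getline_checked(FILE *f, char *buf, size_t cap, size_t *len) {
    int c;
    *len = 0;
    if (cap == 0) return LINE_TOO_LONG;
    buf[0] = '\0';
    while ((c = fgetc(f)) != EOF) {
        if (c == '\0') return LINE_BINARY;
        if (*len + 1 >= cap) return LINE_TOO_LONG;
        buf[(*len)++] = (char) c;
        buf[*len] = '\0';
        if (c == '\n') break;
    }
    return *len == 0 ? LINE_EOF : LINE_OK;
}
/* Put the bytes in a temporary file so both readers see a real stream. */
static FILE *stream_from(const void *data, size_t n) {
    FILE *f = tmpfile();
    if (f != NULL && fwrite(data, 1, n, f) != n) { fclose(f); f = NULL; }
    if (f != NULL) rewind(f);
    return f;
}
/* Line length a strlen()-based caller sees after fgets(); -1 on failure. */
long fgets_visible_len(const void *data, size_t n) {
    char buf[64];
    FILE *f = stream_from(data, n);
    char *r = f ? fgets(buf, sizeof buf, f) : NULL;
    if (f) fclose(f);
    return r ? (long) strlen(buf) : -1;
}
/* Status the fgetc() reader reports for the same bytes. */
enum line_status checked_status(const void *data, size_t n) {
    char buf[64];
    size_t len;
    FILE *f = stream_from(data, n);
    enum line_status s = f ? getline_checked(f, buf, sizeof buf, &len) : LINE_EOF;
    if (f) fclose(f);
    return s;
}
int main(void) {
    long seen = fgets_visible_len(SAMPLE_BIN, sizeof SAMPLE_BIN);
    printf("fgets+strlen: %ld bytes; fgetc status: %d\n", seen,
           (int) checked_status(SAMPLE_BIN, sizeof SAMPLE_BIN));
    return 0;
}
```
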
diff --git a/src/data.c b/src/data.c
index db8b9dd..a5199f0 100644
--- a/src/data.c
+++ b/src/data.c
@@ -44,12 +44,12 @@
BC_ERR_IDX_BC,
BC_ERR_IDX_BC,
BC_ERR_IDX_BC,
+ BC_ERR_IDX_BC,
BC_ERR_IDX_LEX,
BC_ERR_IDX_LEX,
BC_ERR_IDX_LEX,
BC_ERR_IDX_LEX,
- BC_ERR_IDX_LEX,
BC_ERR_IDX_PARSE,
BC_ERR_IDX_PARSE,
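Review bot: The index table in this hunk is purely positional, so moving one slot from the BC_ERR_IDX_LEX run to the BC_ERR_IDX_BC run is only correct if the status enum (not visible in this part of the patch) and the message array in the next hunk shift by exactly the same slot, and nothing here enforces that. Consider a trailing comment on each entry naming the status it belongs to, designated initializers indexed by the status value, or a compile-time check that this table and the message table have the same number of entries.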
@@ -102,8 +102,9 @@
"memory allocation error",
"I/O error",
- "bad character",
"file is not text",
+
+ "bad character",
"string end could not be found",
"comment end could not be found",
"end of file",
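Review bot: The blank line added before "bad character" is the only marker of where the lexer messages now begin, which is easy to lose on the next reorder; a short comment naming each group, or the status each string belongs to, would make the boundary explicit. Separately, the commit message still calls the status BC_STATUS_LEX_BIN_FILE while "file is not text" now sits with the non-lexer messages, so if the status keeps its LEX name, a rename would keep the enum, the index table and this array consistent.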