From 0c0fd9a15ecff4eebb0e9e6e1a6ce2a6550e397a Mon Sep 17 00:00:00 2001 From: Przemyslaw Czerpak Date: Wed, 5 May 2010 07:58:32 +0000 Subject: [PATCH] 2010-05-05 09:58 UTC+0200 Przemyslaw Czerpak (druzus/at/priv.onet.pl) * harbour/src/compiler/gencc.c ! fixed possible HVM stack corruption by dummy (alias->field) code which does not store the result. The problem was exploited by code generated for -gc3 mode only. Here is self contain example: proc main() begin sequence with {||break()} p() end sequence proc p() (test->name) (test->name) return --- harbour/ChangeLog | 14 ++++++++++++++ harbour/src/compiler/gencc.c | 16 ++++++++-------- 2 files changed, 22 insertions(+), 8 deletions(-) diff --git a/harbour/ChangeLog b/harbour/ChangeLog index 376e821000..cdeebe3c65 100644 --- a/harbour/ChangeLog +++ b/harbour/ChangeLog @@ -17,6 +17,20 @@ past entries belonging to author(s): Viktor Szakats. */ +2010-05-05 09:58 UTC+0200 Przemyslaw Czerpak (druzus/at/priv.onet.pl) + * harbour/src/compiler/gencc.c + ! fixed possible HVM stack corruption by dummy (alias->field) code + which does not store the result. The problem was exploited by + code generated for -gc3 mode only. Here is self contain example: + proc main() + begin sequence with {||break()} + p() + end sequence + proc p() + (test->name) + (test->name) + return + 2010-05-05 08:02 UTC+0200 Viktor Szakats (harbour.01 syenar.hu) * src/rtl/achoice.prg ! Added patch by Jerry Finuliar to fine tune cursor diff --git a/harbour/src/compiler/gencc.c b/harbour/src/compiler/gencc.c index ac20f1cddf..3f68ea2204 100644 --- a/harbour/src/compiler/gencc.c +++ b/harbour/src/compiler/gencc.c 
@@ -1411,25 +1411,25 @@ static HB_GENC_FUNC( hb_p_pushsym )
 return 4;
 case HB_P_PUSHALIASEDFIELDNEAR:
 fprintf( cargo->yyc,
- "\thb_xvmPushAliasedFieldExt( symbols + %u, symbols + %u );\n",
+ "\tif( hb_xvmPushAliasedFieldExt( symbols + %u, symbols + %u ) ) break;\n",
 HB_PCODE_MKUSHORT( &pFunc->pCode[ lPCodePos + 1 ] ),
 pFunc->pCode[ lPCodePos + 4 ] );
 return 5;
 case HB_P_PUSHALIASEDFIELD:
 fprintf( cargo->yyc,
- "\thb_xvmPushAliasedFieldExt( symbols + %u, symbols + %u );\n",
+ "\tif( hb_xvmPushAliasedFieldExt( symbols + %u, symbols + %u ) ) break;\n",
 HB_PCODE_MKUSHORT( &pFunc->pCode[ lPCodePos + 1 ] ),
 HB_PCODE_MKUSHORT( &pFunc->pCode[ lPCodePos + 4 ] ) );
 return 6;
 case HB_P_POPALIASEDFIELDNEAR:
 fprintf( cargo->yyc,
- "\thb_xvmPopAliasedFieldExt( symbols + %u, symbols + %u );\n",
+ "\tif( hb_xvmPopAliasedFieldExt( symbols + %u, symbols + %u ) ) break;\n",
 HB_PCODE_MKUSHORT( &pFunc->pCode[ lPCodePos + 1 ] ),
 pFunc->pCode[ lPCodePos + 4 ] );
 return 5;
 case HB_P_POPALIASEDFIELD:
 fprintf( cargo->yyc,
- "\thb_xvmPopAliasedFieldExt( symbols + %u, symbols + %u );\n",
+ "\tif( hb_xvmPopAliasedFieldExt( symbols + %u, symbols + %u ) ) break;\n",
 HB_PCODE_MKUSHORT( &pFunc->pCode[ lPCodePos + 1 ] ),
 HB_PCODE_MKUSHORT( &pFunc->pCode[ lPCodePos + 4 ] ) );
 return 6;
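Review bot: The `break` emitted by the four rewritten format strings in hb_p_pushsym leaves only the innermost enclosing C loop or `switch` in the generated file, and the wrapper gencc.c emits around a function body is not visible in this hunk, so nothing here documents that these statements always land directly inside it. A comment above the first case would record the invariant, e.g. `/* a non-zero result means the helper left a pending action (e.g. BREAK raised from an error block); the generated code must exit the body here instead of running on with an unbalanced HVM stack */`. The meaning of the return value is inferred from the commit message and should be confirmed against hb_xvmPushAliasedFieldExt() and hb_xvmPopAliasedFieldExt(). The four cases of hb_p_pushsymnear in the next hunk need the same comment; both function bodies start and end outside the hunks.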
@@ -1455,25 +1455,25 @@ static HB_GENC_FUNC( hb_p_pushsymnear )
 return 3;
 case HB_P_PUSHALIASEDFIELDNEAR:
 fprintf( cargo->yyc,
- "\thb_xvmPushAliasedFieldExt( symbols + %u, symbols + %u );\n",
+ "\tif( hb_xvmPushAliasedFieldExt( symbols + %u, symbols + %u ) ) break;\n",
 pFunc->pCode[ lPCodePos + 1 ],
 pFunc->pCode[ lPCodePos + 3 ] );
 return 4;
 case HB_P_PUSHALIASEDFIELD:
 fprintf( cargo->yyc,
- "\thb_xvmPushAliasedFieldExt( symbols + %u, symbols + %u );\n",
+ "\tif( hb_xvmPushAliasedFieldExt( symbols + %u, symbols + %u ) ) break;\n",
 pFunc->pCode[ lPCodePos + 1 ],
 HB_PCODE_MKUSHORT( &pFunc->pCode[ lPCodePos + 3 ] ) );
 return 5;
 case HB_P_POPALIASEDFIELDNEAR:
 fprintf( cargo->yyc,
- "\thb_xvmPopAliasedFieldExt( symbols + %u, symbols + %u );\n",
+ "\tif( hb_xvmPopAliasedFieldExt( symbols + %u, symbols + %u ) ) break;\n",
 pFunc->pCode[ lPCodePos + 1 ],
 pFunc->pCode[ lPCodePos + 3 ] );
 return 4;
 case HB_P_POPALIASEDFIELD:
 fprintf( cargo->yyc,
- "\thb_xvmPopAliasedFieldExt( symbols + %u, symbols + %u );\n",
+ "\tif( hb_xvmPopAliasedFieldExt( symbols + %u, symbols + %u ) ) break;\n",
 pFunc->pCode[ lPCodePos + 1 ],
 HB_PCODE_MKUSHORT( &pFunc->pCode[ lPCodePos + 3 ] ) );
 return 5;
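Review bot: The checked call is now spelled out as eight separate format strings across hb_p_pushsym and hb_p_pushsymnear, a pattern that makes it easy for a single emit site to drift back to the unchecked form. Defining each string once, e.g. `#define HB_GENC_PUSHALIASEDFIELDEXT "\tif( hb_xvmPushAliasedFieldExt( symbols + %u, symbols + %u ) ) break;\n"` plus a matching Pop macro (both names are proposals, not existing identifiers), keeps the format a literal for `-Wformat` while letting all eight sites share one definition. The reproducer quoted in the ChangeLog entry would also be worth keeping as a regression test compiled with -gc3, since the message says that is the only mode where the problem showed up.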