From 0168c96019eb9247d0cf7453a9b6b6adad5c2905 Mon Sep 17 00:00:00 2001
From: Kaz Kylheku
Date: Thu, 21 Apr 2016 06:40:34 -0700
Subject: Better job of diagnosing out-of-range char escapes.

* parser.l (num_esc): Check for converted value being out of the range of wchar_t or beyond 0x10FFFF, whichever is less.
---
 parser.l | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/parser.l b/parser.l
index 5e608c8b..d87e03eb 100644
--- a/parser.l
+++ b/parser.l
@@ -160,17 +160,24 @@ static wchar_t char_esc(int letter)
 
 static wchar_t num_esc(scanner_t *scn, char *num)
 {
+ long val;
+
 if (num[0] == 'x') {
 if (strlen(num) > 7)
 yyerror(scn, yyget_extra(scn), "too many digits in hex character escape");
- return strtol(num + 1, 0, 16);
+ val = strtol(num + 1, 0, 16);
 } else {
 if (num[0] == 'o')
 num++;
 if (strlen(num) > 8)
 yyerror(scn, yyget_extra(scn), "too many digits in octal character escape");
- return strtol(num, 0, 8);
+ val = strtol(num, 0, 8);
 }
+
+ if (val < 0 || val > 0x10FFFF || (wchar_t) val != val)
+ yyerror(scn, yyget_extra(scn), "numeric character escape out of range");
+
+ return val;
 }
 
 %}
-- 
cgit v1.2.3
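Review bot: The new range check at the end of num_esc reports the bad escape but then still executes `return val;`, so if yyerror returns to the caller (the hunk does not show it, though the earlier "too many digits" checks fall through to strtol in the same way) the out-of-range value is narrowed to wchar_t and handed on to the scanner. Substituting a fixed in-range value inside the failing branch, for example bracing the `if` and adding `val = 0xFFFD;` after the yyerror call, would keep a value above 0x10FFFF or a truncated one from reaching later code that assumes valid code points. A short comment above the check, such as `/* reject values that are not code points or do not fit in wchar_t */`, would also document why both the 0x10FFFF bound and the `(wchar_t) val != val` round-trip test are needed.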