From 7aaddf52cd98589fb0c3ab72a393f8411838438a Mon Sep 17 00:00:00 2001
From: "Emden R. Gansner" <erg@alum.mit.edu>
Date: Fri, 4 Oct 2013 09:06:39 -0400
Subject: [PATCH] Fix buffer overflow problem when reporting a syntax error
 with a very long input line

---
 lib/cgraph/scan.l | 21 +++++++++++++++------
 1 file changed, 15 insertions(+), 6 deletions(-)

diff --git a/lib/cgraph/scan.l b/lib/cgraph/scan.l
index 3cfde0f..2efd203 100644
--- a/lib/cgraph/scan.l
+++ b/lib/cgraph/scan.l
@@ -16,6 +16,7 @@
 %{
 #include <grammar.h>
 #include <cghdr.h>
+#include <agxbuf.h>
 #include <ctype.h>
 #define GRAPH_EOF_TOKEN		'@'		/* lex class must be defined below */
 	/* this is a workaround for linux flex */
@@ -191,13 +192,21 @@ ID		({NAME}|{NUMBER})
 %%
 void yyerror(char *str)
 {
+	unsigned char	xbuf[BUFSIZ];
 	char	buf[BUFSIZ];
-	if (InputFile)
-		sprintf(buf,"%s:%d: %s in line %d near '%s'\n",InputFile, line_num,
-			str,line_num,yytext);
-	else
-		sprintf(buf," %s in line %d near '%s'\n", str,line_num,yytext);
-	agerr(AGWARN,buf);
+	agxbuf  xb;
+
+	agxbinit(&xb, BUFSIZ, xbuf);
+	if (InputFile) {
+		agxbput (&xb, InputFile);
+		agxbput (&xb, ": ");
+	}
+	sprintf(buf," %s in line %d near '", str,line_num);
+	agxbput (&xb, buf);
+	agxbput (&xb, yytext);
+	agxbput (&xb,"'\n");
+	agerr(AGWARN,agxbuse(&xb));
+	agxbfree(&xb);
 }
 /* must be here to see flex's macro defns */
 void aglexeof() { unput(GRAPH_EOF_TOKEN); }
-- 
1.8.5.1