glsl: Fix crashes caused by Bison error messages involving "'%'".

Invalid shaders containing the character % at an unexpected location
would cause Bison to call yyerror with a message of:

    syntax error, unexpected '%'

Bison expects yyerror() to take a string, while _mesa_glsl_error() is a
printf-style function.  This hit the classic printf string escape issue:

    _mesa_glsl_error(loc, state, "unexpected '%'");       // invalid!
    _mesa_glsl_error(loc, state, "%s", "unexpected '%'"); // correct.

This caused assertion failures after ralloc_asprintf_append called
vsnprintf to determine the length of the text that would be printed:
vsnprintf would see the invalid format and return -1, an invalid length.

The solution is to define a proper yyerror() wrapper function that calls
_mesa_glsl_error with the "%s".  Since we compile with -p "_mesa_glsl",
yyerror is defined as:

    #define yyerror         _mesa_glsl_error

So we have to #undef yyerror in order to be able to declare it.

Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=43564
Signed-off-by: Kenneth Graunke <kenneth@whitecape.org>
Reviewed-by: Ian Romanick <ian.d.romanick@intel.com>
Acked-by: Paul Berry <stereotype441@gmail.com>

diff --git a/src/glsl/glsl_parser.yy b/src/glsl/glsl_parser.yy
index 71ab039d620dc9b98e2c35625fc284195f0a6eb1..8a0377f492352778c9ea00de4aa53c5d83b8519c 100644 (file)
--- a/src/glsl/glsl_parser.yy
+++ b/src/glsl/glsl_parser.yy
@@ -32,6 +32,12 @@
 
 #define YYLEX_PARAM state->scanner
 
+#undef yyerror
+
+static void yyerror(YYLTYPE *loc, _mesa_glsl_parse_state *st, const char *msg)
+{
+   _mesa_glsl_error(loc, st, "%s", msg);
+}
 %}
 
 %pure-parser