From a600df073a9d1d1ebc166fb02582836f597a7f8f Mon Sep 17 00:00:00 2001
From: Andrew Kelley <superjoe30@gmail.com>
Date: Wed, 25 Nov 2015 15:17:19 -0700
Subject: [PATCH] fix invalid memory write

---
 src/buffer.cpp  |  1 +
 src/buffer.hpp  | 15 +++++++++++++++
 src/codegen.cpp |  1 +
 src/parser.cpp  |  7 ++++---
 4 files changed, 21 insertions(+), 3 deletions(-)

diff --git a/src/buffer.cpp b/src/buffer.cpp
index 87d134b351..6607bb389c 100644
--- a/src/buffer.cpp
+++ b/src/buffer.cpp
@@ -25,6 +25,7 @@ Buf *buf_sprintf(const char *format, ...) {
 }
 
 void buf_appendf(Buf *buf, const char *format, ...) {
+    assert(buf->list.length);
     va_list ap, ap2;
     va_start(ap, format);
     va_copy(ap2, ap);
diff --git a/src/buffer.hpp b/src/buffer.hpp
index 91e282fd21..a58e8bd027 100644
--- a/src/buffer.hpp
+++ b/src/buffer.hpp
@@ -15,6 +15,8 @@
 
 #define BUF_INIT {{0}}
 
+// Note, you must call one of the alloc, init, or resize functions to have an
+// initialized buffer. The assertions should help with this.
 struct Buf {
     ZigList<char> list;
 };
@@ -23,10 +25,12 @@ Buf *buf_sprintf(const char *format, ...)
     __attribute__ ((format (printf, 1, 2)));
 
 static inline int buf_len(Buf *buf) {
+    assert(buf->list.length);
     return buf->list.length - 1;
 }
 
 static inline char *buf_ptr(Buf *buf) {
+    assert(buf->list.length);
     return buf->list.items;
 }
 
@@ -76,6 +80,7 @@ static inline Buf *buf_create_from_str(const char *str) {
 }
 
 static inline Buf *buf_slice(Buf *in_buf, int start, int end) {
+    assert(in_buf->list.length);
     assert(start >= 0);
     assert(end >= 0);
     assert(start < buf_len(in_buf));
@@ -88,6 +93,7 @@ static inline Buf *buf_slice(Buf *in_buf, int start, int end) {
 }
 
 static inline void buf_append_mem(Buf *buf, const char *mem, int mem_len) {
+    assert(buf->list.length);
     assert(mem_len >= 0);
     int old_len = buf_len(buf);
     buf_resize(buf, old_len + mem_len);
@@ -96,14 +102,17 @@ static inline void buf_append_mem(Buf *buf, const char *mem, int mem_len) {
 }
 
 static inline void buf_append_str(Buf *buf, const char *str) {
+    assert(buf->list.length);
     buf_append_mem(buf, str, strlen(str));
 }
 
 static inline void buf_append_buf(Buf *buf, Buf *append_buf) {
+    assert(buf->list.length);
     buf_append_mem(buf, buf_ptr(append_buf), buf_len(append_buf));
 }
 
 static inline void buf_append_char(Buf *buf, uint8_t c) {
+    assert(buf->list.length);
     buf_append_mem(buf, (const char *)&c, 1);
 }
 
@@ -111,20 +120,25 @@ void buf_appendf(Buf *buf, const char *format, ...)
     __attribute__ ((format (printf, 2, 3)));
 
 static inline bool buf_eql_mem(Buf *buf, const char *mem, int mem_len) {
+    assert(buf->list.length);
     if (buf_len(buf) != mem_len)
         return false;
     return memcmp(buf_ptr(buf), mem, mem_len) == 0;
 }
 
 static inline bool buf_eql_str(Buf *buf, const char *str) {
+    assert(buf->list.length);
     return buf_eql_mem(buf, str, strlen(str));
 }
 
 static inline bool buf_eql_buf(Buf *buf, Buf *other) {
+    assert(buf->list.length);
     return buf_eql_mem(buf, buf_ptr(other), buf_len(other));
 }
 
 static inline void buf_splice_buf(Buf *buf, int start, int end, Buf *other) {
+    assert(buf->list.length);
+
     if (start != end)
         zig_panic("TODO buf_splice_buf");
 
@@ -135,6 +149,7 @@ static inline void buf_splice_buf(Buf *buf, int start, int end, Buf *other) {
 }
 
 static inline uint32_t buf_hash(Buf *buf) {
+    assert(buf->list.length);
     // FNV 32-bit hash
     uint32_t h = 2166136261;
     for (int i = 0; i < buf_len(buf); i += 1) {
diff --git a/src/codegen.cpp b/src/codegen.cpp
index b683e7800a..e9269ced64 100644
--- a/src/codegen.cpp
+++ b/src/codegen.cpp
@@ -179,6 +179,7 @@ static void resolve_type_and_recurse(CodeGen *g, AstNode *node) {
                     TypeTableEntry *entry = allocate<TypeTableEntry>(1);
                     entry->id = TypeIdPointer;
                     entry->type_ref = LLVMPointerType(child_type_node->entry->type_ref, 0);
+                    buf_resize(&entry->name, 0);
                     buf_appendf(&entry->name, "*%s %s", const_or_mut_str, buf_ptr(&child_type_node->entry->name));
                     entry->di_type = g->dbuilder->createPointerType(child_type_node->entry->di_type,
                             g->pointer_size_bytes * 8, g->pointer_size_bytes * 8, buf_ptr(&entry->name));
diff --git a/src/parser.cpp b/src/parser.cpp
index 1b256c8513..49f92a9fb1 100644
--- a/src/parser.cpp
+++ b/src/parser.cpp
@@ -181,8 +181,7 @@ static AstNode *ast_create_node(NodeType type, Token *first_token) {
 }
 
 static AstNode *ast_create_node_with_node(NodeType type, AstNode *other_node) {
-    AstNode *node = allocate<AstNode>(1);
-    node->type = type;
+    AstNode *node = ast_create_node_no_line_info(type);
     node->line = other_node->line;
     node->column = other_node->column;
     return node;
@@ -202,8 +201,10 @@ static void ast_buf_from_token(ParseContext *pc, Token *token, Buf *buf) {
 static void parse_string_literal(ParseContext *pc, Token *token, Buf *buf) {
     // skip the double quotes at beginning and end
     // convert escape sequences
+
+    buf_resize(buf, 0);
     bool escape = false;
-    for (int i = token->start_pos; i < token->end_pos - 1; i += 1) {
+    for (int i = token->start_pos + 1; i < token->end_pos - 1; i += 1) {
         uint8_t c = *((uint8_t*)buf_ptr(pc->buf) + i);
         if (escape) {
             switch (c) {