From d457c662893f64bf5caf215b18f38814c4251cdd Mon Sep 17 00:00:00 2001 From: sehe Date: Thu, 2 May 2024 05:22:04 +0200 Subject: [PATCH] Fix non-keyword subgraph parsing Non-keyword graphs never worked (!). This was uncovered because of security issue #364. parse_subgraph() incorrectly dealt with first_token in the case where the `subgraph` keyword wasn't used. --- src/read_graphviz_new.cpp | 28 ++++++++++++++++++---------- 1 file changed, 18 insertions(+), 10 deletions(-) diff --git a/src/read_graphviz_new.cpp b/src/read_graphviz_new.cpp index fdc6e95f4..d97292b41 100644 --- a/src/read_graphviz_new.cpp +++ b/src/read_graphviz_new.cpp @@ -207,7 +207,7 @@ namespace read_graphviz_detail tokenizer(const std::string& str) : begin(str.begin()), end(str.end()) { - std::string end_of_token = "(?=(?:\\W))"; + // std::string end_of_token = "(?=(?:\\W))"; // SEHE: unused? std::string whitespace = "(?:\\s+)"; std::string slash_slash_comment = "(?://.*?$)"; std::string slash_star_comment = "(?:/\\*.*?\\*/)"; @@ -773,10 +773,18 @@ namespace read_graphviz_detail bool is_anonymous = true; if (first_token.type == token::kw_subgraph) { - if (peek().type == token::identifier) + switch (peek().type) { + case token::identifier: name = get().normalized_value; is_anonymous = false; + break; + case token::left_brace: + is_anonymous = true; + break; + default: + error("Subgraph reference needs a name"); + break; } } if (is_anonymous) @@ -790,19 +798,19 @@ namespace read_graphviz_detail = current(); // Initialize properties and defaults subgraphs[name].members.clear(); // Except member list } - if (first_token.type == token::kw_subgraph - && peek().type != token::left_brace) + if (!is_anonymous && peek().type != token::left_brace) { - if (is_anonymous) - error("Subgraph reference needs a name"); return name; } subgraph_name old_sg = current_subgraph_name; current_subgraph_name = name; - if (peek().type == token::left_brace) - get(); - else - error("Wanted left brace to start subgraph"); + if (first_token.type != token::left_brace) + { + if (peek().type == token::left_brace) + get(); + else + error("Wanted left brace to start subgraph"); + } parse_stmt_list(); if (peek().type == token::right_brace) get();