From 8591331a7f674d71c50ea0f560e1412d56001801 Mon Sep 17 00:00:00 2001
From: Kartik Agaram <vc@akkartik.com>
Date: Sat, 4 May 2019 14:57:04 -0700
Subject: 5143 - add a bounds check

We'll just loudly abort the entire program if the output stream isn't large
enough to accept all the characters we want to print.
---
 subx/074print-int-decimal.subx | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/subx/074print-int-decimal.subx b/subx/074print-int-decimal.subx
index 7f9dadc5..c6f4951c 100644
--- a/subx/074print-int-decimal.subx
+++ b/subx/074print-int-decimal.subx
@@ -27,9 +27,11 @@ print-int32-decimal:  # out : (address stream), n : int32
     #     push '-'
     #   w = out->write
     #   curr = &out->data[out->write]
+    #   max = &out->data[out->length]
     #   while true
     #     pop into EAX
     #     if (EAX == sentinel) break
+    #     if (curr >= max) abort
     #     *curr = AL
     #     ++curr
     #     ++w
@@ -45,6 +47,7 @@ print-int32-decimal:  # out : (address stream), n : int32
     50/push-EAX
     51/push-ECX
     52/push-EDX
+    53/push-EBX
     57/push-EDI
     # ten/ECX = 10
     b9/copy-to-ECX  0xa/imm32
@@ -78,12 +81,18 @@ $print-int32-decimal:write:
     8b/copy                         0/mod/indirect  7/rm32/EDI    .           .             .           2/r32/EDX   .               .                 # copy *EDI to EDX
     # curr/ECX = &out->data[out->write]
     8d/copy-address                 1/mod/*+disp8   4/rm32/sib    7/base/EDI  2/index/EDX   .           1/r32/ECX   0xc/disp8       .                 # copy EBX+EDX+12 to ECX
+    # max/EBX = &out->data[out->length]
+    8b/copy                         1/mod/*+disp8   7/rm32/EDI    .           .             .           3/r32/EBX   8/disp8         .                 # copy *(EDI+8) to EBX
+    8d/copy-address                 1/mod/*+disp8   4/rm32/sib    7/base/EDI  3/index/EBX   .           3/r32/EBX   0xc/disp8       .                 # copy EDI+EBX+12 to EBX
 $print-int32-decimal:write-loop:
     # pop into EAX
     58/pop-to-EAX
     # if (EAX == sentinel) break
     3d/compare-EAX-and  0/imm32/sentinel
     74/jump-if-equal  $print-int32-decimal:write-break/disp8
+    # if (curr >= max) abort
+    39/compare                      3/mod/direct    1/rm32/ECX    .           .             .           3/r32/EBX   .               .                 # compare ECX with EBX
+    7d/jump-if-greater-or-equal  $print-int32-decimal:abort/disp8
     # *curr = AL
     88/copy-byte                    0/mod/indirect  1/rm32/ECX    .           .             .           0/r32/AL    .               .                 # copy AL to byte at *ECX
     # ++curr
@@ -97,6 +106,7 @@ $print-int32-decimal:write-break:
 $print-int32-decimal:end:
     # . restore registers
     5f/pop-to-EDI
+    5b/pop-to-EBX
     5a/pop-to-EDX
     59/pop-to-ECX
     58/pop-to-EAX
-- 
cgit 1.4.1-2-gfad0

</a>
<a id='n17' href='#n17'>17</a>
<a id='n18' href='#n18'>18</a>
<a id='n19' href='#n19'>19</a>
<a id='n20' href='#n20'>20</a>
<a id='n21' href='#n21'>21</a>
<a id='n22' href='#n22'>22</a>
<a id='n23' href='#n23'>23</a>
<a id='n24' href='#n24'>24</a>
<a id='n25' href='#n25'>25</a>
<a id='n26' href='#n26'>26</a>
<a id='n27' href='#n27'>27</a>
<a id='n28' href='#n28'>28</a>
<a id='n29' href='#n29'>29</a>
<a id='n30' href='#n30'>30</a>
<a id='n31' href='#n31'>31</a>
<a id='n32' href='#n32'>32</a>
<a id='n33' href='#n33'>33</a>
<a id='n34' href='#n34'>34</a>
<a id='n35' href='#n35'>35</a>
<a id='n36' href='#n36'>36</a>
<a id='n37' href='#n37'>37</a>
<a id='n38' href='#n38'>38</a>
<a id='n39' href='#n39'>39</a>
<a id='n40' href='#n40'>40</a>
<a id='n41' href='#n41'>41</a>
<a id='n42' href='#n42'>42</a>
<a id='n43' href='#n43'>43</a>
<a id='n44' href='#n44'>44</a>
<a id='n45' href='#n45'>45</a>
<a id='n46' href='#n46'>46</a>
<a id='n47' href='#n47'>47</a>
</pre></td>
<td class='lines'><pre><code>