Fix malformed addinstr crash (ref: #43)

instr->instr_size was not being checked, and as a result an
abnormally long .addinstr would result in the following for loop
modifying instr->args, and possibly other parts of the memory.

This was fixed by checking to make sure that instr->instr_size
was 8 or below, and if not, failing.

As a result of a addinstr being possibly invalid, errors.h was
updated to reflect a possibly invalid addinstr.

Author: alberthdev

directive.cpp

@@ -163,6 +163,10 @@ char *handle_directive (const char *ptr) {
 			conv_hex (word, word + strlen (word), &result);
 			instr->instr_size = strlen (word) / 2;
 
+			// Sanity check: are we within the upper bound?
+			// (If not, fail - otherwise we start overwriting memory)
+			if (instr->instr_size > 8) goto addinstr_fail;
+
 			for (j = instr->instr_size - 1; j >= 0; j--)
 				instr->instr_data[instr->instr_size - j - 1] = (result >> (j * 8)) & 0xFF;
 

errors.h

@@ -108,7 +108,7 @@ SPASMERROR g_ErrorCodes[]
 	{SPASM_ERR_NO_PREVIOUS_DEFINE,		_T("No previous define to continue")},
 	{SPASM_ERR_ELIF_WITHOUT_IF,			_T("Use of #ELIF outside of an #IF expression")},
 	{SPASM_ERR_INVALID_OPTION,			_T("The option %s does not exist")},
-	{SPASM_ERR_INVALID_ADDINSTR,		_T("Missing required information for .ADDINSTR")},
+	{SPASM_ERR_INVALID_ADDINSTR,		_T("Required information for .ADDINSTR is missing or invalid")},
 	{SPASM_ERR_INVALID_RST_OPERANDS,	_T("Invalid operands for the RST command")},
 	{SPASM_ERR_DEFINE_HAS_NO_VALUE,		_T("The define '%s' has been used, but doesn't have a value")},
 	{SPASM_ERR_RECURSION_DEPTH,			_T("Expression is too deep (only %d levels allowed)")},