This is the mail archive of the binutils@sourceware.org mailing list for the binutils project.
Re: [PATCH] Buffer overrun in objcopy
Tristan Gingold <gingold@adacore.com> writes:
> On Dec 18, 2009, at 3:08 PM, Eirik Byrkjeflot Anonsen wrote:
>
>> Using objcopy from binutils 2.20.
>>
>> When using objcopy to rename symbols using add_redefine_syms_file(), if
>> one of the source symbols is exactly 99 characters, the input buffer
>> will be overrun (by the first character in the target symbol). The
>> attached patch copies the buffer resize code to the two places in this
>> function where I think it could potentially be a problem.
>
> Good catch. However I think it would be simpler to just allocate bufsize + 1 bytes.
>
> (I also think that this should go into the branch).
>
> Tristan.
Yes, that should work just fine. It might be slightly less obvious to
someone reading the code later, but I'm happy with either solution.
eirik
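
An added illustration, not part of the thread and not the binutils source: a simplified model of the overrun reported above, counting stores that land past the logical allocation for the original size and for the suggested `bufsize + 1`. It assumes the resize check runs after each stored character and that the string terminator is stored without a check; the struct, the function names and the constructed input line are hypothetical.

```c
#include <stdlib.h>
#include <string.h>

#define GUARD 8   /* spare physical bytes so this demo never really overruns */

struct linebuf { char *buf; size_t bufsize, extra, len, overruns; };

/* Store one byte; count stores at or past the logical size bufsize + extra. */
static void put(struct linebuf *b, char c)
{
    if (b->len >= b->bufsize + b->extra)
        b->overruns++;
    b->buf[b->len++] = c;
}

/* Store, then grow: the resize check only runs after the byte is written. */
static void put_grow(struct linebuf *b, char c)
{
    put(b, c);
    if (b->len >= b->bufsize) {
        b->bufsize *= 2;
        b->buf = realloc(b->buf, b->bufsize + b->extra + GUARD);
        if (!b->buf) abort();
    }
}

/* Read "source target" into one buffer as "source\0target\0".
   extra = 0 models the report, extra = 1 the bufsize + 1 allocation. */
size_t count_overruns(const char *line, size_t bufsize, size_t extra)
{
    struct linebuf b = { malloc(bufsize + extra + GUARD), bufsize, extra, 0, 0 };
    if (!b.buf) abort();
    while (*line && *line != ' ') put_grow(&b, *line++);
    put(&b, '\0');                    /* terminator is stored with no check */
    while (*line == ' ') line++;
    while (*line && *line != ' ') put_grow(&b, *line++);
    put(&b, '\0');
    free(b.buf);
    return b.overruns;
}

/* Constructed input: a source symbol of n 'a' characters renamed to "new". */
size_t overruns_for_source_len(size_t n, size_t bufsize, size_t extra)
{
    char line[256];
    if (n > sizeof line - 5) abort();
    memset(line, 'a', n);
    strcpy(line + n, " new");
    return count_overruns(line, bufsize, extra);
}
```

With an initial size of 100, a 99-character source symbol leaves the terminator in the last byte, so the first character of the target symbol is the one store that falls outside; the extra byte absorbs it before the resize runs.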