This is the mail archive of the
binutils@sourceware.org
mailing list for the binutils project.
Re: [PATCH] Buffer overrun in objcopy
Hi Eirik,
Yes, that should work just fine. It might be slightly less obvious to
someone reading the code later, but I'm happy with either solution.
Ok - I have checked in the patch below.
Cheers
Nick
binutils/ChangeLog
2009-12-31 Eirik Byrkjeflot Anonsen <eirik@opera.com>
Nick Clifton <nickc@redhat.com>
* objcopy.c (add_redefine_syms_file): Avoid symbol buffer
overrun.
Index: binutils/objcopy.c
===================================================================
RCS file: /cvs/src/src/binutils/objcopy.c,v
retrieving revision 1.137
diff -c -3 -p -r1.137 objcopy.c
*** binutils/objcopy.c 11 Dec 2009 13:42:06 -0000 1.137
--- binutils/objcopy.c 31 Dec 2009 14:34:58 -0000
*************** add_redefine_syms_file (const char *file
*** 1232,1238 ****
filename, strerror (errno));
bufsize = 100;
! buf = (char *) xmalloc (bufsize);
lineno = 1;
c = getc (file);
--- 1232,1238 ----
filename, strerror (errno));
bufsize = 100;
! buf = (char *) xmalloc (bufsize + 1 /* For the terminating NUL. */);
lineno = 1;
c = getc (file);
*************** add_redefine_syms_file (const char *file
*** 1249,1255 ****
if (len >= bufsize)
{
bufsize *= 2;
! buf = (char *) xrealloc (buf, bufsize);
}
c = getc (file);
}
--- 1249,1255 ----
if (len >= bufsize)
{
bufsize *= 2;
! buf = (char *) xrealloc (buf, bufsize + 1);
}
c = getc (file);
}
*************** add_redefine_syms_file (const char *file
*** 1275,1281 ****
if (len >= bufsize)
{
bufsize *= 2;
! buf = (char *) xrealloc (buf, bufsize);
}
c = getc (file);
}
--- 1275,1281 ----
if (len >= bufsize)
{
bufsize *= 2;
! buf = (char *) xrealloc (buf, bufsize + 1);
}
c = getc (file);
}