This is the mail archive of the
gdb-patches@sourceware.org
mailing list for the GDB project.
Re: [commit] objc-lang.c: avoid string overrun
- From: Pedro Alves <pedro at codesourcery dot com>
- To: gdb-patches at sourceware dot org
- Cc: Michael Snyder <msnyder at vmware dot com>
- Date: Mon, 28 Feb 2011 09:51:19 +0000
- Subject: Re: [commit] objc-lang.c: avoid string overrun
- References: <4D6B0553.6010803@vmware.com>
On Monday 28 February 2011 02:15:47, Michael Snyder wrote:
> {
> - strcpy(myregexp, regexp);
> + strncpy(myregexp, regexp, sizeof (myregexp) - 1);
Such fixes ain't that much better. At the bare least, you'd
need to null terminate the result, as strncpy does not do that
for you if REGEXP is large enough --- strncpy was not
designed as a safe strcpy. And then proceeding as if nothing
happened when `myregexp' isn't large enough is just b0rked.
> if (myregexp[strlen(myregexp) - 1] == '$') /* end of selector */
> myregexp[strlen(myregexp) - 1] = ']'; /* end of method name */
--
Pedro Alves