This is the mail archive of the gdb-patches@sourceware.org mailing list for the GDB project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [commit] objc-lang.c: avoid string overrun


On Monday 28 February 2011 02:15:47, Michael Snyder wrote:
>         {
> -         strcpy(myregexp, regexp);
> +         strncpy(myregexp, regexp, sizeof (myregexp) - 1);

Such fixes ain't that much better.  At the bare least, you'd
need to null terminate the result, as strncpy does not do that
for you if REGEXP is large enough --- strncpy was not
designed as a safe strcpy.  And then proceeding as if nothing
happened when `myregexp' isn't large enough is just b0rked.

>           if (myregexp[strlen(myregexp) - 1] == '$') /* end of selector */
>             myregexp[strlen(myregexp) - 1] = ']';    /* end of method name */

-- 
Pedro Alves


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]