From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 7519 invoked by alias); 28 Feb 2011 09:51:27 -0000 Received: (qmail 7501 invoked by uid 22791); 28 Feb 2011 09:51:26 -0000 X-SWARE-Spam-Status: No, hits=-1.9 required=5.0 tests=AWL,BAYES_00,TW_BJ,TW_CP,T_RP_MATCHES_RCVD X-Spam-Check-By: sourceware.org Received: from mail.codesourcery.com (HELO mail.codesourcery.com) (38.113.113.100) by sourceware.org (qpsmtpd/0.43rc1) with ESMTP; Mon, 28 Feb 2011 09:51:22 +0000 Received: (qmail 18139 invoked from network); 28 Feb 2011 09:51:20 -0000 Received: from unknown (HELO scottsdale.localnet) (pedro@127.0.0.2) by mail.codesourcery.com with ESMTPA; 28 Feb 2011 09:51:20 -0000 From: Pedro Alves To: gdb-patches@sourceware.org Subject: Re: [commit] objc-lang.c: avoid string overrun Date: Mon, 28 Feb 2011 12:21:00 -0000 User-Agent: KMail/1.13.5 (Linux/2.6.35-25-generic; KDE/4.6.0; x86_64; ; ) Cc: Michael Snyder References: <4D6B0553.6010803@vmware.com> In-Reply-To: <4D6B0553.6010803@vmware.com> MIME-Version: 1.0 Content-Type: Text/Plain; charset="iso-8859-15" Content-Transfer-Encoding: 7bit Message-Id: <201102280951.19458.pedro@codesourcery.com> X-IsSubscribed: yes Mailing-List: contact gdb-patches-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: gdb-patches-owner@sourceware.org X-SW-Source: 2011-02/txt/msg00887.txt.bz2 On Monday 28 February 2011 02:15:47, Michael Snyder wrote: > { > - strcpy(myregexp, regexp); > + strncpy(myregexp, regexp, sizeof (myregexp) - 1); Such fixes ain't that much better. At the bare least, you'd need to null terminate the result, as strncpy does not do that for you if REGEXP is large enough --- strncpy was not designed as a safe strcpy. And then proceeding as if nothing happened when `myregexp' isn't large enough is just b0rked. > if (myregexp[strlen(myregexp) - 1] == '$') /* end of selector */ > myregexp[strlen(myregexp) - 1] = ']'; /* end of method name */ -- Pedro Alves