From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path:
Received: (qmail 22719 invoked by alias); 2 Mar 2011 23:42:00 -0000
Received: (qmail 22609 invoked by uid 22791); 2 Mar 2011 23:41:59 -0000
X-SWARE-Spam-Status: No, hits=-1.9 required=5.0 tests=AWL,BAYES_00,TW_CP,T_RP_MATCHES_RCVD
X-Spam-Check-By: sourceware.org
Received: from mail.codesourcery.com (HELO mail.codesourcery.com) (38.113.113.100) by sourceware.org (qpsmtpd/0.43rc1) with ESMTP; Wed, 02 Mar 2011 23:41:55 +0000
Received: (qmail 17118 invoked from network); 2 Mar 2011 23:41:54 -0000
Received: from unknown (HELO scottsdale.localnet) (pedro@127.0.0.2) by mail.codesourcery.com with ESMTPA; 2 Mar 2011 23:41:54 -0000
From: Pedro Alves
To: gdb-patches@sourceware.org
Subject: Re: [commit] printcmd.c, print_scalar_formatted, use strncpy.
Date: Wed, 02 Mar 2011 23:42:00 -0000
User-Agent: KMail/1.13.5 (Linux/2.6.35-27-generic; KDE/4.6.0; x86_64; ; )
Cc: Michael Snyder
References: <4D6ECC07.40905@vmware.com>
In-Reply-To: <4D6ECC07.40905@vmware.com>
MIME-Version: 1.0
Content-Type: Text/Plain; charset="iso-8859-15"
Content-Transfer-Encoding: 7bit
Message-Id: <201103022341.55237.pedro@codesourcery.com>
X-IsSubscribed: yes
Mailing-List: contact gdb-patches-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id:
List-Subscribe:
List-Archive:
List-Post:
List-Help: ,
Sender: gdb-patches-owner@sourceware.org
X-SW-Source: 2011-03/txt/msg00144.txt.bz2

On Wednesday 02 March 2011 23:00:23, Michael Snyder wrote:
> strncpy2.txt > 2011-03-02 Michael Snyder > > * printcmd.c (print_scalar_formatted): Use strncpy for safety. > > Index: printcmd.c > =================================================================== > RCS file: /cvs/src/src/gdb/printcmd.c,v > retrieving revision 1.192 > diff -u -p -u -p -r1.192 printcmd.c > --- printcmd.c 26 Feb 2011 02:07:08 -0000 1.192 > +++ printcmd.c 2 Mar 2011 22:55:38 -0000 
> @@ -533,7 +533,7 @@ print_scalar_formatted (const void *vala > if (*cp == '\0') > cp--; > } > - strcpy (buf, cp); > + strncpy (buf, cp, sizeof (bits)); > fputs_filtered (buf, stream); > } > break; We've been through this recently... This is not safe. -- Pedro Alves
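
Review bot: In the added line `strncpy (buf, cp, sizeof (bits));` the bound is taken from `bits` while the destination is `buf`, and strncpy writes no terminating NUL when the source is at least as long as the bound, so the `fputs_filtered (buf, stream)` that follows can read past the copied bytes. The declarations of `buf` and `bits` are not visible in this hunk, so the relationship between their sizes cannot be checked here. Suggest either bounding the copy by the destination's own size and writing the terminator explicitly after the copy, or keeping `strcpy` with a comment or assertion stating why the string at `cp` always fits in `buf`.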