From: Michael Snyder <msnyder@vmware.com>
To: "gdb-patches@sourceware.org" <gdb-patches@sourceware.org>
Subject: [commit] objc-lang.c, classes_info, avoid string overrun
Date: Tue, 01 Mar 2011 01:46:00 -0000 [thread overview]
Message-ID: <4D6C4FDB.1030201@vmware.com> (raw)
[-- Attachment #1: Type: text/plain, Size: 87 bytes --]
This is the same problem as with selectors_info, so I just applied
the same solution.
[-- Attachment #2: overflow1.txt --]
[-- Type: text/plain, Size: 1213 bytes --]
2011-02-28 Michael Snyder <msnyder@vmware.com>
* objc-lang.c (selectors_info): Add a small safety margin to
avoid overflow.
(classes_info): Error out on too long REGEXP.
Index: objc-lang.c
===================================================================
RCS file: /cvs/src/src/gdb/objc-lang.c,v
retrieving revision 1.93
diff -u -p -u -p -r1.93 objc-lang.c
--- objc-lang.c 28 Feb 2011 18:14:34 -0000 1.93
+++ objc-lang.c 1 Mar 2011 01:41:39 -0000
@@ -720,7 +720,7 @@ selectors_info (char *regexp, int from_t
strcpy(myregexp, ".*]");
else
{
- if (sizeof (myregexp) < strlen (regexp) + 1)
+ if (sizeof (myregexp) < strlen (regexp) + 4)
error (_("Regexp is too long: %s"), regexp);
strcpy(myregexp, regexp);
if (myregexp[strlen(myregexp) - 1] == '$') /* end of selector */
@@ -863,6 +863,8 @@ classes_info (char *regexp, int from_tty
strcpy(myregexp, ".* "); /* Null input: match all objc classes. */
else
{
+ if (sizeof (myregexp) < strlen (regexp) + 4)
+ error (_("Regexp is too long: %s"), regexp);
strcpy(myregexp, regexp);
if (myregexp[strlen(myregexp) - 1] == '$')
/* In the method name, the end of the class name is marked by ' '. */
next reply other threads:[~2011-03-01 1:46 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-03-01 1:46 Michael Snyder [this message]
2011-03-01 3:30 ` Yao Qi
2011-03-01 18:51 ` Michael Snyder
2011-03-01 14:31 ` Tom Tromey
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4D6C4FDB.1030201@vmware.com \
--to=msnyder@vmware.com \
--cc=gdb-patches@sourceware.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox