This is the mail archive of the binutils@sourceware.org mailing list for the binutils project.
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
Other format: | [Raw text] |
Hi Nathan > This is the final part of the architecture switch cleanup. This patch is okay, with the exception of: > I reworked find_cf_chip for the new ordering. Previously that was > using strncat to try and avoid overrunning the provided array and > then giving an as_fatal if it did. However, that had a logic bug in > that strncat does not write the trailing NUL char if the array gets > full. Thus the following strlen's and subsequent strncat's will go > wandering off anyway. This patch simply uses strcat and then checks > if we wandered off or not. As we never return if that happens, I > think this is ok. The problem is that you detect the buffer overflow after it has occurred; it will likely be too late. I'd like to see this code made more robust. How about adding some assertions, at the very least (as the code only processes compile-time strings and not external untrusted data)? Cheers, Ben
Attachment:
pgp00000.pgp
Description: PGP signature
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |