Hi,
today I tried to use newlib's argz functions and stumbled over two
bugs in the implementation:
- argz_create_sep fails to set *argz_len to 0 before counting the bytes
in the input string, thus working with a potentially uninitialized
value. This breaks applications which don't set the input parameter
explicitly to 0 before calling argz_create_sep. This does not happen
when using the glibc implementation of argz_create_sep.
Note that setting *argz_len to 0 does not break the usage of
argz_create_sep from argz_add_sep.
- argz.h is neither guarded for use with C++, nor is it guarded against
multiple inclusion.
Patch below. Ok to commit?
Corinna
* libc/argz/argz_create_sep.c (argz_create_sep): Initialize *argz_len
to zero.
* libc/include/argz.h: Guard against multiple inclusion. Guard for
use with C++.
Index: libc/argz/argz_create_sep.c
===================================================================
RCS file: /cvs/src/src/newlib/libc/argz/argz_create_sep.c,v
retrieving revision 1.2
diff -u -p -r1.2 argz_create_sep.c
--- libc/argz/argz_create_sep.c 6 Jun 2003 19:57:51 -0000 1.2
+++ libc/argz/argz_create_sep.c 22 May 2007 10:07:39 -0000
@@ -31,6 +31,7 @@ _DEFUN (argz_create_sep, (string, sep, a
running = strdup(string);
old_running = running;
+ *argz_len = 0;
while ((token = strsep(&running, delim)))
{
len = strlen(token);
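Review bot: The result of `strdup(string)` on the first context line is still used without a NULL check, so with the new `*argz_len = 0;` in place an allocation failure would most likely skip the loop (`strsep` sees a null `running`) and leave a length of 0, which a caller cannot tell apart from an empty input string. I would move the initialisation above the `strdup` call so the out-parameter is defined on every path, and follow the allocation with `if (running == NULL) return ENOMEM;`. The body of argz_create_sep continues outside this hunk, so a later check may already exist; if it does, a short comment at the `strdup` line saying where the failure is handled would help the next reader.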
Index: libc/include/argz.h
===================================================================
RCS file: /cvs/src/src/newlib/libc/include/argz.h,v
retrieving revision 1.1
diff -u -p -r1.1 argz.h
--- libc/include/argz.h 14 Jun 2002 20:51:09 -0000 1.1
+++ libc/include/argz.h 22 May 2007 10:07:39 -0000
@@ -4,9 +4,16 @@
* is freely granted, provided that this notice is preserved.
*/
+#ifndef _ARGZ_H_
+#define _ARGZ_H_
+
#include <errno.h>
#include <sys/types.h>
+#include "_ansi.h"
+
+_BEGIN_STD_C
+
/* The newlib implementation of these functions assumes that sizeof(char) == 1. */
error_t argz_create (char *const argv[], char **argz, size_t *argz_len);
error_t argz_create_sep (const char *string, int sep, char **argz, size_t *argz_len);
@@ -20,3 +27,7 @@ error_t argz_delete (char **argz, size_t
error_t argz_insert (char **argz, size_t *argz_len, char *before, const char *entry);
char * argz_next (char *argz, size_t argz_len, const char *entry);
error_t argz_replace (char **argz, size_t *argz_len, const char *str, const char *with, unsigned *replace_count);
+
+_END_STD_C
+
+#endif /* _ARGZ_H_ */