[PATCH v2] Stop depending on strndupa.
Érico Nogueira
ericonr@disroot.org
Tue Oct 27 19:20:16 GMT 2020
On Tue Oct 27, 2020 at 1:01 PM -03, Mark Wielaard wrote:
> Hi Érico,
>
> On Mon, 2020-10-26 at 15:33 -0300, Érico Nogueira via Elfutils-devel
> wrote:
> > From: Érico Rolim <erico.erc@gmail.com>
> >
> > This functon has inherent safety issues, since a long enough path can
> > lead to memory clobbering. Instead, limit the path length to
> > PATH_MAX.
>
> I like getting rid of strndupa, because it can accidentally blow up the
> stack. But replacing it with an on stack array of PATH_MAX also carries
> a risk of blowing up the stack because the function calls itself
> recursively and now always uses a huge stack allocation for every
> iteration. Can we simply use strndup and free (dir) when we are done
> instead?
Good point, I hadn't paid attention to it being recursive. New patch is
using the heap.
>
> > Also add braces around while loop.
>
> That is better, but note that GNU style is
> while (...)
> {
> ...
> }
Fixed.
> > Signed-off-by: Érico Rolim <erico.erc@gmail.com>
>
> Thanks. Note that it is also missing a ChangeLog entry.
>
> Cheers,
>
> Mark
Thanks,
Érico
More information about the Elfutils-devel
mailing list