This is the mail archive of the
gcc-patches@gcc.gnu.org
mailing list for the GCC project.
[PATCH] libsanitizer/sanitizer_common/sanitizer_linux_libcdep.cc: Avoid writing '\0' out of string's border
- From: Chen Gang <gang dot chen dot 5i5j at gmail dot com>
- To: jakub at redhat dot com, dodji at redhat dot com, kcc at google dot com, dvyukov at google dot com
- Cc: gcc-patches List <gcc-patches at gcc dot gnu dot org>, Jeff Law <law at redhat dot com>
- Date: Thu, 28 Aug 2014 06:43:02 +0800
- Subject: [PATCH] libsanitizer/sanitizer_common/sanitizer_linux_libcdep.cc: Avoid writing '\0' out of string's border
- Authentication-results: sourceware.org; auth=none
'max_len' is the maximized length of 'name', so for writing '\0' to
"name[max_len]", it is out of string's border, need use "max_len - 1"
instead of.
Pass normal test suite: "configure && make && make check && compare",
I guess, at present, it is not really used by outside, though.
2014-08-27 Chen Gang <gang.chen.5i5j@gmail.com>
* sanitizer_common/sanitizer_linux_libcdep.cc
(SanitizerGetThreadName): Avoid writing '\0' out of string's
border
---
libsanitizer/sanitizer_common/sanitizer_linux_libcdep.cc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libsanitizer/sanitizer_common/sanitizer_linux_libcdep.cc b/libsanitizer/sanitizer_common/sanitizer_linux_libcdep.cc
index e754b26..b9089d5 100644
--- a/libsanitizer/sanitizer_common/sanitizer_linux_libcdep.cc
+++ b/libsanitizer/sanitizer_common/sanitizer_linux_libcdep.cc
@@ -140,7 +140,7 @@ bool SanitizerGetThreadName(char *name, int max_len) {
if (prctl(PR_GET_NAME, (unsigned long)buff, 0, 0, 0)) // NOLINT
return false;
internal_strncpy(name, buff, max_len);
- name[max_len] = 0;
+ name[max_len - 1] = 0;
return true;
#else
return false;
--
1.9.3