This is the mail archive of the
gcc-bugs@gcc.gnu.org
mailing list for the GCC project.
[Bug lto/41550] Fix security and portability issues in lto-plugin
- From: "rguenth at gcc dot gnu dot org" <gcc-bugzilla at gcc dot gnu dot org>
- To: gcc-bugs at gcc dot gnu dot org
- Date: 31 Oct 2009 13:11:10 -0000
- Subject: [Bug lto/41550] Fix security and portability issues in lto-plugin
- References: <bug-41550-91@http.gcc.gnu.org/bugzilla/>
- Reply-to: gcc-bugzilla at gcc dot gnu dot org
------- Comment #2 from rguenth at gcc dot gnu dot org 2009-10-31 13:11 -------
Some things were fixed. Still open are
> +/* Pass files generated by the lto-wrapper to the linker. FD is lto-wrapper's
> + stdout. */
> +
> +static void
> +add_output_files (FILE *f)
> +{
> + char fname[1000]; /* FIXME: Is this big enough? */
I don't know what sort of strings go there, but if they can be filenames
with user-controlled components then the GNU Coding Standards say to avoid
arbitrary limits.
> + output_files = realloc (output_files, num_output_files * sizeof (char *));
> + output_files[num_output_files - 1] = strdup (s);
Use xrealloc and xstrdup. Other places have the same issue with realloc
or calloc or strdup.
Also there are still asserts that look fishy.
assert (lto_wrapper_argv);
temp_obj_dir_name = strdup ("tmp_objectsXXXXXX");
t = mkdtemp (temp_obj_dir_name);
assert (t == temp_obj_dir_name);
(see also PR39023)
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=41550