This is the mail archive of the gcc-bugs@gcc.gnu.org mailing list for the GCC project.
[Bug ada/79309] incorrectly bounded calls to strncat in adaint.c
- From: "jakub at gcc dot gnu.org" <gcc-bugzilla at gcc dot gnu dot org>
- To: gcc-bugs at gcc dot gnu dot org
- Date: Wed, 01 Feb 2017 08:21:18 +0000
- Subject: [Bug ada/79309] incorrectly bounded calls to strncat in adaint.c
- Auto-submitted: auto-generated
- References: <bug-79309-4@http.gcc.gnu.org/bugzilla/>
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79309
Jakub Jelinek <jakub at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |jakub at gcc dot gnu.org
--- Comment #3 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
I think it would be better to do:
--- adaint.c 2017-01-12 22:28:59.293871830 +0100
+++ adaint.c 2017-02-01 09:18:47.027598963 +0100
@@ -3396,14 +3396,16 @@ void __gnat_killprocesstree (int pid, in
{
if ((d->d_type & DT_DIR) == DT_DIR)
{
- char statfile[64] = { 0 };
+ char statfile[64];
int _pid, _ppid;
/* read /proc/<PID>/stat */
- strncpy (statfile, "/proc/", sizeof(statfile));
- strncat (statfile, d->d_name, sizeof(statfile));
- strncat (statfile, "/stat", sizeof(statfile));
+ if (strlen (d->d_name) > sizeof (statfile) - sizeof ("/proc//stat"))
+ continue;
+ strcpy (statfile, "/proc/");
+ strcat (statfile, d->d_name);
+ strcat (statfile, "/stat");
FILE *fd = fopen (statfile, "r");
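Review bot: The bound in the added test strlen (d->d_name) > sizeof (statfile) - sizeof ("/proc//stat") is correct only because sizeof on the literal counts its terminating NUL (12 bytes, leaving 52 for d->d_name in the 64-byte buffer), and nothing in the hunk says so. A short comment on that line would help, since replacing sizeof with strlen there, or changing the "/proc/" or "/stat" strings in the strcpy/strcat calls without updating the literal, would let the unbounded strcat calls that follow write past the end of statfile. Deriving both the check and the copies from the same two string constants would remove that duplication.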
You don't want to truncate the buffer in the middle or something in the
hypothetical case something goes wrong; the above is readable, and gcc is able
to optimize it into more efficient code that is less readable (i.e. 3 memcpy
calls), using the value of the previously computed strlen.
Also note the useless clearing of the whole buffer before it is overwritten.
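The following is an added example, not code from adaint.c or from the message above. It models why passing the destination size as the strncat bound is wrong, and shows a reject-instead-of-truncate path builder in the spirit of the comment. The names strncat_end and build_stat_path and the 255-byte name length are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Bytes occupied in dst after strncat (dst, src, n), terminator included.
   n limits the characters taken from src; it is not the size of dst.  */
size_t strncat_end (size_t dst_len, size_t src_len, size_t n)
{
  size_t copied = src_len < n ? src_len : n;
  return dst_len + copied + 1;
}

/* Build "/proc/<name>/stat" in out[outsz].  Returns 0 on success, or -1
   with out set to "" when the result would not fit (never truncates).  */
int build_stat_path (char *out, size_t outsz, const char *name)
{
  static const char prefix[] = "/proc/";
  static const char suffix[] = "/stat";
  const size_t plen = sizeof prefix - 1;       /* 6, no NUL */
  const size_t fixed = plen + sizeof suffix;   /* 6 + 5 + NUL = 12 */
  size_t len;

  if (outsz == 0)
    return -1;
  out[0] = '\0';
  if (outsz < fixed)
    return -1;
  len = strlen (name);
  if (len > outsz - fixed)                     /* same test as the patch */
    return -1;
  memcpy (out, prefix, plen);
  memcpy (out + plen, name, len);
  memcpy (out + plen + len, suffix, sizeof suffix);  /* copies the NUL */
  return 0;
}

int main (void)
{
  char statfile[64];
  /* 255 is a constructed worst-case name length, not taken from the page.  */
  printf ("strncat bounded by sizeof: up to %zu bytes in a %zu-byte buffer\n",
          strncat_end (6, 255, sizeof statfile), sizeof statfile);
  printf ("strncat bounded by remaining space: %zu bytes\n",
          strncat_end (6, 255, sizeof statfile - 6 - 1));
  if (build_stat_path (statfile, sizeof statfile, "1234") == 0)
    puts (statfile);
  return 0;
}
```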