
[Libunwind-devel] bug/glitch report: NUL (non-)termination in unw_get_pr

From: Vass Litvinov
Subject: [Libunwind-devel] bug/glitch report: NUL (non-)termination in unw_get_proc_name()
Date: Tue, 30 Sep 2008 17:04:09 -0700 (Pacific Daylight Time)

Dear libunwind developers,

I would like to point out - and suggest fixing it - an inconsistency
in the function "intern_string" (which is invoked from
unw_get_proc_name()).  I am looking at src/mi/Gget_proc_name.c
from libunwind-0.99-alpha.tar.gz dated 18-Oct-2007.

intern_string() strives to ensure that the string it generates into
"buf" is always NUL-terminated, which is definitely useful. But it
misses one case, namely the case where the fetch8 call returns with an
error. If this happens, NUL termination is not ensured.

Therefore I suggest replacing this code in intern_string():

      if ((ret = fetch8 (as, a, &addr, (int8_t *) buf + i, arg)) < 0)
        return ret;

with this code (or some such - the first line is unchanged):

      if ((ret = fetch8 (as, a, &addr, (int8_t *) buf + i, arg)) < 0)
        {
          buf[i] = '\0';        /* ensure string is NUL terminated */
          return ret;
        }

Regards, and thanks for your hard work.
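
The behaviour described in the report, as an added example that is not part of the original message and is not libunwind's code: a simplified model of the copy loop in which the byte fetch fails partway through, run once without and once with termination on the error path. The names model_fetch8, copy_name and terminated_after_error, the error values and the sample bytes are all constructed for this illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed "remote" memory: five readable bytes, then every read fails. */
static const char remote[] = { 'm', 'a', 'i', 'n', '_' };

/* Hypothetical stand-in for fetch8: read one byte or return an error. */
static int model_fetch8(size_t *addr, char *out)
{
    if (*addr >= sizeof remote)
        return -1;                  /* simulated access error */
    *out = remote[(*addr)++];
    return 0;
}

/* Copy loop modelled on the report; terminate_on_error enables the fix. */
static int copy_name(char *buf, size_t buf_len, int terminate_on_error)
{
    size_t addr = 0, i;
    int ret;
    for (i = 0; i < buf_len; ++i) {
        if ((ret = model_fetch8(&addr, buf + i)) < 0) {
            if (terminate_on_error)
                buf[i] = '\0';      /* the suggested termination */
            return ret;
        }
        if (buf[i] == '\0')
            return 0;               /* copied the full string */
    }
    if (buf_len > 0)
        buf[buf_len - 1] = '\0';    /* truncated, but terminated */
    return -2;
}

/* Returns 1 if the caller's buffer contains a NUL after a failed copy. */
static int terminated_after_error(int terminate_on_error)
{
    char buf[16];
    memset(buf, 'X', sizeof buf);   /* stale, non-NUL caller data */
    if (copy_name(buf, sizeof buf, terminate_on_error) >= 0)
        return -1;                  /* the model must hit the error path */
    return memchr(buf, '\0', sizeof buf) != NULL;
}

int main(void)
{
    printf("without fix: %d, with fix: %d\n", terminated_after_error(0), terminated_after_error(1));
    return 0;
}
```

A caller that ignores the error return and passes the buffer to a string function reads past its end in the first case; checking the return value before using the buffer covers both.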

