
Re: [Libunwind-devel] bug/glitch report: NUL (non-)termination in unw_ge

From: David Mosberger-Tang
Subject: Re: [Libunwind-devel] bug/glitch report: NUL (non-)termination in unw_get_proc_name()
Date: Sun, 12 Oct 2008 12:39:31 -0600

I don't think there was any intention of returning a NUL-terminated string in an error case.


On 9/30/08, Vass Litvinov <address@hidden> wrote:
Dear libunwind developers,

I would like to point out - and suggest fixing it - an inconsistency
in the function "intern_string" (which is invoked from
unw_get_proc_name()).  I am looking at src/mi/Gget_proc_name.c
from libunwind-0.99-alpha.tar.gz dated 18-Oct-2007.

intern_string() strives to ensure that the string it generates into
"buf" is always NUL-terminated.  Which is definitely useful.  But - it misses one case, namely the case the fetch8 call returns with an error. If this happens, NUL termination is not ensured.

Therefore I suggest replacing this code in intern_string():

     if ((ret = fetch8 (as, a, &addr, (int8_t *) buf + i, arg)) < 0)
       return ret;

with this code (or some such - the first line is unchanged):

     if ((ret = fetch8 (as, a, &addr, (int8_t *) buf + i, arg)) < 0)
       {
         buf[i] = '\0';        /* ensure string is NUL terminated */
         return ret;
       }

Regards, and thanks for your hard work.


Libunwind-devel mailing list

Mosberger Consulting LLC,
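
The failure mode discussed in this thread, as an added example that is not part of the original messages and is not libunwind's code: a stand-alone model of the copy loop, in which `fetch_byte`, `copy_name`, `run_case`, the `remote` data and the error values are assumptions made for illustration. It compares the caller's buffer after a failed read with and without the proposed termination.

```c
#include <stdio.h>
#include <string.h>

/* Constructed "remote" memory: only the first READABLE bytes can be read. */
static const char remote[] = "main_loop";
#define READABLE 4

/* Hypothetical stand-in for fetch8(): one byte, or a negative error. */
static int fetch_byte(size_t off, char *out)
{
    if (off >= READABLE)
        return -1;
    *out = remote[off];
    return 0;
}

/* Model of the loop described in the report; the flag selects the proposed fix. */
static int copy_name(char *buf, size_t buf_len, int terminate_on_error)
{
    int ret;
    for (size_t i = 0; i < buf_len; ++i) {
        if ((ret = fetch_byte(i, buf + i)) < 0) {
            if (terminate_on_error)
                buf[i] = '\0';   /* partial name stays a valid C string */
            return ret;
        }
        if (buf[i] == '\0')
            return 0;            /* whole string copied */
    }
    if (buf_len > 0)
        buf[buf_len - 1] = '\0'; /* truncated, still terminated */
    return -2;
}

static char name_buf[16];

/* Fill with stale 'X' bytes, run the failing copy, report whether a NUL is in the buffer. */
static int run_case(int terminate_on_error)
{
    memset(name_buf, 'X', sizeof name_buf);
    (void) copy_name(name_buf, sizeof name_buf, terminate_on_error);
    return memchr(name_buf, '\0', sizeof name_buf) != NULL;
}

int main(void)
{
    printf("as reported: NUL in buffer = %d\n", run_case(0));
    printf("as proposed: NUL in buffer = %d\n", run_case(1));
    return 0;
}
```

With either behaviour, a caller that checks the return value before treating the buffer as a string is unaffected.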
