[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Minor patch to correct buffer overrun

From: Chris Sutcliffe
Subject: Re: Minor patch to correct buffer overrun
Date: Wed, 18 Aug 2010 09:21:14 -0400

Hi All,

I spent more time looking at the code as opposed to trying to figure
out GDB and I've fixed the issue.  The problem was the memcpy to clear
the trailing slash for win32 in find_directory.  Here's an updated

--- dir.c.orig  2010-08-18 09:12:02 -0400
+++ dir.c       2010-08-18 09:12:23 -0400
@@ -464,7 +464,7 @@

         /* Remove any trailing slashes.  Windows32 stat fails even on
            valid directories if they end in a slash. */
-        memcpy (tem, name, p - name + 1);
+        strncpy(tem, name, MAXPATHLEN);
         tstart = tem;
         if (tstart[1] == ':')
           tstart += 2;

instead of relying on 'p' to determine the amount of memory to copy, I
went the safer route and use strncpy to copy the path being evaluated
to tem and make sure that we don't exceed tem's memory allocation
(which is defined as 'char tem[MAXPATHLEN]').

I'll roll out a new mingw32-make binary and source once I've heard
back that this patch is acceptable.

Thank you,


Chris Sutcliffe

reply via email to

[Prev in Thread] Current Thread [Next in Thread]