[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Minor patch to correct buffer overrun

From: Chris Sutcliffe
Subject: Re: Minor patch to correct buffer overrun
Date: Thu, 19 Aug 2010 21:56:11 -0400
User-agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-GB; rv: Gecko/20100802 Thunderbird/3.1.2

 On 19/08/2010 12:31 PM, Eli Zaretskii wrote:
I'm not at all convinced that there's not still a bug here.  The fact
that we can force a core dump by providing a very long filename is a bug
in make; there's nothing (that I can recall) in make that checks the
names of targets to ensure they don't exceed some certain length.
For each place in the code where this could happen, we could verify
the length in advance and if it's too large, bail out with some error
message.  This is one such place.

Another option would be to truncate the string to the size of the buffer (like I did in my proposed patch with strncpy()).


reply via email to

[Prev in Thread] Current Thread [Next in Thread]