Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix static buffer overrrun (issue #443) #445

Merged
merged 1 commit into from
Aug 4, 2016
Merged

Fix static buffer overrrun (issue #443) #445

merged 1 commit into from
Aug 4, 2016

Conversation

AdamMajer
Copy link
Contributor

result[6] is a fixed array of size 6, but in the process
of copying data into it, we clobber the last allocated byte.

Simplify some of the code by not calling redundant functions.

@AdamMajer
Fix static buffer overrrun (issue #443)
50557a4 
result[6] is a fixed array of size 6, but in the process
of copying data into it, we clobber the last allocated byte.

Simplify some of the code by not calling redundant functions.
@geoffmcl
Copy link
Contributor

geoffmcl commented Aug 2, 2016

@AdamMajer thanks for the PR... eyeballing the code it certainly seems to avoid an overrun...

And the code feels cleaner, but wonder why result[i] = tolower( search[i] );... it seems it would already be in lower case from search = TY_(tmbstrtolower)(search);... but quite minor...

I have yet to test #443... but it certainly looks like this addresses that...

Will merge shortly, unless others see a problem... thanks...

@geoffmcl geoffmcl added the Bug label Aug 2, 2016
@geoffmcl geoffmcl added this to the 5.3 milestone Aug 2, 2016
@geoffmcl geoffmcl mentioned this pull request Aug 2, 2016
Closed
@AdamMajer
Copy link
Contributor Author

maybe it is redundant but search can get overwritten by a lookup table and I didn't check if that lookup table is always lower case. I only removed crazy things like strncpy 1 char. :)

@geoffmcl geoffmcl merged commit edafefb into htacg:master Aug 4, 2016
geoffmcl added a commit that referenced this pull request Aug 4, 2016
@geoffmcl
Issue #443, merge #445 - Bump to 5.3.9 for this fix
d2fc252
@geoffmcl
Copy link
Contributor

geoffmcl commented Aug 4, 2016

@AdamMajer well, it appear the table is in lowercase, but this protects against table changes...

Have now had a chance to add -fsanitize=address, test, and can repeat the bug, which seems fixed with your patch...

Accordingly, have merged it, and bumped to version 5.3.9 (2016.08.04)... thanks...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
Bug
Projects
None yet
Milestone
5.3
Development

Successfully merging this pull request may close these issues.
2 participants
@AdamMajer @geoffmcl