[Libunwind-devel] bug/glitch report: NUL (non-)termination in unw_get

libunwind-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Libunwind-devel] bug/glitch report: NUL (non-)termination in unw_get_pr

From:	Vass Litvinov
Subject:	[Libunwind-devel] bug/glitch report: NUL (non-)termination in unw_get_proc_name()
Date:	Tue, 30 Sep 2008 17:04:09 -0700 (Pacific Daylight Time)

Dear libunwind developers,

I would like to point out - and suggest fixing it - an inconsistency
in the function "intern_string" (which is invoked from
unw_get_proc_name()).  I am looking at src/mi/Gget_proc_name.c
from libunwind-0.99-alpha.tar.gz dated 18-Oct-2007.

intern_string() strives to ensure that the string it generates into

"buf" is always NUL-terminated. Which is definitely useful. But -it misses one case, namely the case the fetch8 call returns with an error.If this happens, NUL termination is not ensured.


Therefore I suggest replacing this code in intern_string():

      if ((ret = fetch8 (as, a, &addr, (int8_t *) buf + i, arg)) < 0)
        return ret;

with this code (or some such - the first line is unchanged):

      if ((ret = fetch8 (as, a, &addr, (int8_t *) buf + i, arg)) < 0)
        {
          buf[i] = '\0';        /* ensure string is NUL terminated */
          return ret;
        }

Regards, and thanks for your hard work.

Vass

[Prev in Thread]

Current Thread

[Next in Thread]

[Libunwind-devel] bug/glitch report: NUL (non-)termination in unw_get_proc_name(), Vass Litvinov <=

Prev by Date: [Libunwind-devel] SOS_MEMORY_SIZE too small?
Previous by thread: [Libunwind-devel] SOS_MEMORY_SIZE too small?
Index(es):
- Date
- Thread