ChrisSteinbach / mscgen

Automatically exported from code.google.com/p/mscgen
GNU General Public License v2.0
0 stars 0 forks source link

bad strncat use #36

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
gcc reports 

|    inlined from 'main' at main.c:1055:
| /usr/include/bits/string3.h:153: warning: call to __builtin___strncat_chk
might overflow destination buffer

which is caused by

|        strncat(gOutputFile, ".", sizeof(gOutputFile));
|        strncat(gOutputFile, gOutType, sizeof(gOutputFile));

This code does not work as expected (the 'len' in 'strncpy(dst,src,len)'
applies to 'src', not to 'dst' so that up to 'strlen(dst) + len' bytes can
be copied). You want strlcat() but this is not commonly available. See
example 1b + 1c in http://www.gratisoft.us/todd/papers/strlcpy.html for
details.

What version of the product are you using? On what operating system?

r103

Original issue reported on code.google.com by ens...@googlemail.com on 30 Nov 2009 at 10:50

GoogleCodeExporter commented 9 years ago
Hi

Thanks for the heads up - I have not been able to get gcc to spit out that 
warning;
though reading the code + strncat's manpage did lead me to same conclusion.

I have created a patch against r103 to fix this. It does not take advantage of
strlcat due portability.

~Niels

Original comment by NThykier@gmail.com on 12 Dec 2009 at 8:48

Attachments:

GoogleCodeExporter commented 9 years ago
Oops - looks like I misunderstood how strncat() works; that's not good.  
Strlcat()
looks much easier to use, but Neils is right about portability.

Original comment by Michael....@gmail.com on 3 Jan 2010 at 11:51

GoogleCodeExporter commented 9 years ago
This issue was closed by revision r104.

Original comment by Michael....@gmail.com on 3 Jan 2010 at 11:54