Closed wom-bat closed 5 years ago
I don't think that strrchr()
is actually an overflow problem. strrchr
doesn't know the size of the memory buffer thus will not go beyond the first NUL.
The right solution is to allocate a new buffer for tmp_fn
. I'll merge this though.
The pull series enables -Wall as default (if you're using clang or gcc or other compilers that support the flag) and fixes two issues: -- a mismatch between %ld in a printf and an unsigned long argument -- A possible buffer overflow: if the space after string copied by realloc() contains NUL chars, then the strrchr() will pick up the wrong one. Use strlen() on the original instead.