julelang / jule

Effective programming language to build efficient, fast, reliable and safe software while maintaining simplicity
https://jule.dev
BSD 3-Clause "New" or "Revised" License

api: use of uninitialized memory (missing zero terminator) #104

Closed mingodad closed 4 months ago

mingodad commented 4 months ago

Description

While building/testing Jule on Linux and running it through valgrind, a use of uninitialized memory was found in https://github.com/julelang/jule/blob/e78123825611e734811c026211cdfd546dda2b11/api/env.hpp#L114 and this change seems to fix the problem:

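        char result[PATH_MAX];
        // readlink() does not null-terminate; keep one byte free for '\0'
        // so result[count] stays in bounds even when the buffer is filled.
        const ssize_t count = readlink("/proc/self/exe", result, sizeof(result) - 1);
        if (count != -1) {
            result[count] = '\0'; // terminate right after the bytes written
            return jule::Str(result);
        }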

Here is what we see in man 2 readlink (readlink() does not append a null byte to buf):

DESCRIPTION
       readlink()  places  the  contents  of  the  symbolic link pathname in the buffer buf, which has size bufsiz.
       readlink() does not append a null byte to buf.  It will (silently) truncate the contents  (to  a  length  of
       bufsiz characters), in case the buffer is too small to hold all of the contents.

Expected behavior

No error reported by valgrind.

Current behavior

No response

Additional information

Nothing.
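The two readlink() behaviours quoted from the man page above (no terminator, silent truncation), handled together in an added example that is not part of the original issue or of Jule's code. The helper names `read_link` and `roundtrip`, the `/tmp` fixture path and the 300-byte link target are assumptions made up for the demonstration.

```cpp
// Added example: readlink() without relying on a terminator or a fixed buffer.
#include <cstdio>
#include <cstdlib>
#include <string>
#include <vector>
#include <unistd.h>

// Hypothetical helper (not Jule's API). Returns false on error (errno is set).
// initial_cap is a parameter only so the truncation path can be exercised.
bool read_link(const std::string &path, std::string &out, size_t initial_cap = 256) {
    std::vector<char> buf(initial_cap ? initial_cap : 1);
    for (;;) {
        const ssize_t n = readlink(path.c_str(), buf.data(), buf.size());
        if (n < 0)
            return false;
        if (static_cast<size_t>(n) < buf.size()) {
            // Only the first n bytes are initialized: copy exactly those,
            // so nothing ever scans the buffer for a '\0' that is not there.
            out.assign(buf.data(), static_cast<size_t>(n));
            return true;
        }
        // n == buf.size(): the target may have been silently truncated.
        buf.resize(buf.size() * 2);
    }
}

// Constructed fixture: a symlink in a fresh temp directory whose target is a
// 300-byte string (the target itself does not need to exist).
bool roundtrip(size_t initial_cap) {
    char dir[] = "/tmp/readlink_demo_XXXXXX";
    if (mkdtemp(dir) == nullptr)
        return false;
    std::string target;
    for (int i = 0; i < 30; ++i)
        target += "/abcdefghi";
    const std::string link = std::string(dir) + "/link";
    std::string got;
    const bool ok = symlink(target.c_str(), link.c_str()) == 0
                    && read_link(link, got, initial_cap) && got == target;
    unlink(link.c_str());
    rmdir(dir);
    return ok;
}

int main() {
    std::string exe;
    if (read_link("/proc/self/exe", exe))  // Linux-specific path from the issue
        std::printf("%s\n", exe.c_str());
    return roundtrip(8) ? 0 : 1;
}
```

Running the binary under valgrind exercises both the `/proc/self/exe` read and the grow-and-retry path with an 8-byte starting buffer.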

mertcandav commented 4 months ago

Hi. Thanks for your effort. I opened a PR for that. Can you confirm that this patch fixes the problem?

mingodad commented 4 months ago

On my machine, with your changes shown here https://github.com/julelang/jule/pull/105/files, valgrind reported no errors.

mertcandav commented 4 months ago

Alright. I'll merge the relevant PR and close this issue. Thanks for your contribution.