Open hbrodin opened 1 year ago
The wrapper for gets is defined here: https://github.com/trailofbits/polytracker/blob/master/polytracker/src/taint_sources/taint_sources.cpp#L315-L318
gets
EXT_C_FUNC char *__dfsw_gets(char *str, dfsan_label str_label, dfsan_label *ret_label) { long offset = ftell(stdin); char *ret = fgets(str, sizeof str, stdin);
It seems to be broken as it is forwarding to fgets with a sizeof str, where str is char* which would mean eight bytes typically.
fgets
sizeof str
str
char*
When I tried to add a test case to verify, it fails to build:
error: use of undeclared identifier 'gets'
gets is removed since C11/C++14 IIUC. Suggestion: Remove the gets-wrapper.
The wrapper for
getsis defined here: https://github.com/trailofbits/polytracker/blob/master/polytracker/src/taint_sources/taint_sources.cpp#L315-L318It seems to be broken as it is forwarding to
fgetswith asizeof str, wherestrischar*which would mean eight bytes typically.When I tried to add a test case to verify, it fails to build:
getsis removed since C11/C++14 IIUC. Suggestion: Remove thegets-wrapper.