findutils-patches
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Findutils-patches] [PATCH] ftsfind.c: avoid buffer overflow in -D c


From: Jim Meyering
Subject: Re: [Findutils-patches] [PATCH] ftsfind.c: avoid buffer overflow in -D code
Date: Sat, 7 Jul 2018 21:19:51 -0700

On Sat, Jul 7, 2018 at 4:13 PM, Bernhard Voelker
<address@hidden> wrote:
> Reported by GCC 8.1.1:
>
> ftsfind.c: In function ‘get_fts_info_name’:
> ftsfind.c:164:23: warning: ‘%d’ directive writing between 1 and 11 bytes into 
> a region of size 9 [-Wformat-overflow=]
>        sprintf (buf, "[%d]", info);
>                        ^~
> ftsfind.c:164:7: note: ‘sprintf’ output between 4 and 14 bytes into a 
> destination of size 10
>        sprintf (buf, "[%d]", info);
>        ^~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> * find/ftsfind.c (get_fts_info_name): Increase buffer from 10 to 14
> to be able to hold the 11-char string representation of the %d format,
> the surrounding '[' and ']', plus the terminating NULL character.
> ---
>  find/ftsfind.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/find/ftsfind.c b/find/ftsfind.c
> index 607ea8d3..57804950 100644
> --- a/find/ftsfind.c
> +++ b/find/ftsfind.c
> @@ -143,7 +143,7 @@ static void init_mounted_dev_list (void);
>  static const char *
>  get_fts_info_name (int info)
>  {
> -  static char buf[10];
> +  static char buf[14];

Or maybe this, since you already use the intprops module, just add
this somewhere prior: #include "intprops.h"

  static char buf[1 + INT_BUFSIZE_BOUND (info) + 1];



reply via email to

[Prev in Thread] Current Thread [Next in Thread]