This is the mail archive of the
libc-alpha@sources.redhat.com
mailing list for the glibc project.
[patch] buffer overrun fix in backtracesyms.c
- To: libc-alpha at sources dot redhat dot com
- Subject: [patch] buffer overrun fix in backtracesyms.c
- From: Byron Stanoszek <gandalf at winds dot org>
- Date: Thu, 2 Nov 2000 08:32:03 -0500 (EST)
Glancing at the backtrace_symbols() function, I noticed that a buffer overrun
can occur on a 64-bit machine. The string [+%p] has a maximum character length
of 22 on a 16-bit machine, not 19 as the code seems to believe (with
WORD_WIDTH == 16). This patch will fix the problem:
--- libc/sysdeps/generic/backtracesyms.c.orig Thu Nov 2 08:25:56 2000
+++ libc/sysdeps/generic/backtracesyms.c Thu Nov 2 08:26:37 2000
@@ -38,7 +38,7 @@
/* We can compute the text size needed for the symbols since we print
them all as "[%<addr>]". */
- total = size * (WORD_WIDTH + 3);
+ total = size * (WORD_WIDTH + 6);
/* Allocate memory for the result. */
result = malloc (size * sizeof (char *) + total);
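Review bot: The comment above the changed `total` line still describes the entries as "[%<addr>]", which does not explain where the 6 in `WORD_WIDTH + 6` comes from. Update the comment to show the exact text each entry holds (both brackets, every character printed before the address digits, and the terminating NUL) so the constant can be checked against the format string. Separately, no overflow check on `size * sizeof (char *) + total` is visible in this hunk; it is worth confirming that `size` is bounded before the `malloc` call.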
I did not check to see if other machine-dependent functions have the same
error.
--
Byron Stanoszek Ph: (330) 644-3059
Systems Programmer Fax: (330) 644-8110
Commercial Timesharing Inc. Email: bstanoszek@comtime.com
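The sizing problem described in the message above, as an added example that is not part of the original post and is not glibc's code. `entry_bytes` and `format_addrs` are hypothetical helpers, `WORD_WIDTH` is defined here as an assumption (hex digits per pointer), and the arithmetic assumes `%p` prints a `0x`-prefixed hex value as glibc does.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Assumption: hex digits in a pointer, i.e. 16 on a 64-bit machine. */
#define WORD_WIDTH ((int) (2 * sizeof (void *)))

/* Bytes one "[+%p]" entry occupies, including the terminating NUL. */
static size_t entry_bytes (void *addr)
{
  int n = snprintf (NULL, 0, "[+%p]", addr);
  return n < 0 ? 0 : (size_t) n + 1;
}

/* Hypothetical helper: format SIZE addresses into one block laid out as a
   pointer table followed by the strings, with PER_ENTRY bytes of text
   budgeted per address.  Returns NULL rather than write past the budget. */
static char **format_addrs (void *const *array, int size, size_t per_entry)
{
  if (size <= 0) return NULL;
  size_t total = (size_t) size * per_entry;
  char **result = malloc ((size_t) size * sizeof (char *) + total);
  if (result == NULL) return NULL;
  char *last = (char *) (result + size);
  char *end = last + total;
  for (int i = 0; i < size; i++)
    {
      size_t room = (size_t) (end - last);
      int n = snprintf (last, room, "[+%p]", array[i]);
      if (n < 0 || (size_t) n >= room)
        {
          free (result);          /* entry does not fit in the budget */
          return NULL;
        }
      result[i] = last;
      last += n + 1;              /* step over the NUL as well */
    }
  return result;
}

int main (void)
{
  void *addrs[2] = { (void *) UINTPTR_MAX, (void *) UINTPTR_MAX }; /* constructed worst case */
  char **old = format_addrs (addrs, 2, (size_t) WORD_WIDTH + 3);
  char **fixed = format_addrs (addrs, 2, (size_t) WORD_WIDTH + 6);
  printf ("worst-case entry: %zu bytes\n", entry_bytes (addrs[0]));
  printf ("+3 budget fits: %d, +6 budget fits: %d\n", old != NULL, fixed != NULL);
  free (old); free (fixed);
  return 0;
}
```

Bounding each write with `snprintf` turns an undersized budget into a detectable failure instead of a heap overrun.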