Re: CPPCheck found 24 high risk bugs in Git v.1.8.3.4

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, Aug 20, 2013 at 10:34 PM, René Scharfe <l.s.r@xxxxxx> wrote:
> Am 20.08.2013 20:44, schrieb Andreas Schwab:
>
>> Erik Faye-Lund <kusmabite@xxxxxxxxx> writes:
>>
>>> diff --git a/compat/win32/syslog.c b/compat/win32/syslog.c
>>> index d015e43..0641f4e 100644
>>> --- a/compat/win32/syslog.c
>>> +++ b/compat/win32/syslog.c
>>> @@ -43,11 +43,14 @@ void syslog(int priority, const char *fmt, ...)
>>>    va_end(ap);
>>>
>>>    while ((pos = strstr(str, "%1")) != NULL) {
>>> - str = realloc(str, ++str_len + 1);
>>> - if (!str) {
>>> + char *tmp = realloc(str, ++str_len + 1);
>>> + if (!tmp) {
>>>    warning("realloc failed: '%s'", strerror(errno));
>>> + free(str);
>>>    return;
>>>    }
>>> + pos = tmp + (pos - str);
>>
>>
>> Pedantically, this is undefined (uses of both pos and str may trap after
>> realloc has freed the original pointer), it is better to calculate the
>> difference before calling realloc.
>
>
> And while at it, perhaps it's better to follow the suggestion in
> http://msdn.microsoft.com/en-us/library/aa363679.aspx under Remarks and
> replace "%1" with "%1!S!" instead of "% 1".
>

If my memory serves me correct, we considered this, but found that
it wasn't implemented until Vista. I could be mis-remembering, though.
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]