On Tue, Oct 23, 2018 at 2:10 PM Eric Sandeen <sandeen@xxxxxxxxxxx> wrote:
>
>
>
> On 10/23/18 3:16 AM, Jan Tulak wrote:
> >> I'm not a huge fan of "fix buffer overflows by making them arbitrarily
> >> bigger" - can we use i.e. snprintf to make sure it won't happen again,
> >> and maybe size them based on ... something, instead of "eh, [5000] is
> >> hopefully enough?"
> > I based the new size on gcc outputs, it said how much it can overflow.
> > But I checked the numbers only once or twice and didn't verify it for
> > other reports.
>
> It's always possible that I'm wrong and I'm missing something. :)
> What did gcc say for the cases I pointed out?
For the txt[256] -> 300:
stobj.c: In function ‘stobjstrm_highlight’:
stobj.c:227:55: warning: ‘%s’ directive output may be truncated
writing up to 255 bytes into a regi
on of size between 230 and 231 [-Wformat-truncation=]
snprintf(txt, sizeof(txt), "interrupted: %s, cmdarg: %s",
^~
stobj.c:227:2: note: ‘snprintf’ output between 26 and 282 bytes into a
destination of size 256
snprintf(txt, sizeof(txt), "interrupted: %s, cmdarg: %s",
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
(stobjstrm->st_interrupted == BOOL_TRUE) ? "yes" : "no",
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
stobjstrm->st_cmdarg);
~~~~~~~~~~~~~~~~~~~~~
So, I took the 282, added something, and rounded it to a number that
felt good and wasn't much larger than that.
Thanks,
Jan
--
Jan Tulak
