diff options
author | Tobias Klauser <tklauser@distanz.ch> | 2016-03-31 10:09:57 +0200 |
---|---|---|
committer | Tobias Klauser <tklauser@distanz.ch> | 2016-03-31 10:09:57 +0200 |
commit | babe9a1e8eeb5497756d4d7998dd1ca82c62a189 (patch) | |
tree | f3685efd0c44c4eab5b06962000d84a625e6105c /src/main.c | |
parent | c5d903dcda8aeba366026dcaeb866b067cbb0180 (diff) |
Fix potential buffer overflow in strncat()
When using clang/llvm 3.8 to compile flex, the following warning is
emitted:
main.c:378:27: warning: the value of the size argument in 'strncat' is too large, might lead to a buffer overflow [-Wstrncat-size]
strncat(m4_path, m4, sizeof(m4_path));
^~~~~~~~~~~~~~~
main.c:378:27: note: change the argument to be the free space in the destination buffer minus the terminating null byte
strncat(m4_path, m4, sizeof(m4_path));
^~~~~~~~~~~~~~~
sizeof(m4_path) - strlen(m4_path) - 1
Fix it up by using the solution proposed by the warning message.
Diffstat (limited to 'src/main.c')
-rw-r--r-- | src/main.c | 2 |
1 files changed, 1 insertions, 1 deletions
@@ -375,7 +375,7 @@ void check_options (void) strncpy(m4_path, path, sizeof(m4_path)); m4_path[endOfDir-path] = '/'; m4_path[endOfDir-path+1] = '\0'; - strncat(m4_path, m4, sizeof(m4_path)); + strncat(m4_path, m4, sizeof(m4_path) - strlen(m4_path) - 1); if (stat(m4_path, &sbuf) == 0 && (S_ISREG(sbuf.st_mode)) && sbuf.st_mode & S_IXUSR) { m4 = strdup(m4_path); |