From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 20775 invoked by alias); 27 Aug 2014 22:43:18 -0000 Mailing-List: contact gcc-patches-help@gcc.gnu.org; run by ezmlm Precedence: bulk List-Id: List-Archive: List-Post: List-Help: Sender: gcc-patches-owner@gcc.gnu.org Received: (qmail 20763 invoked by uid 89); 27 Aug 2014 22:43:17 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-2.2 required=5.0 tests=AWL,BAYES_00,FREEMAIL_FROM,RCVD_IN_DNSWL_LOW,SPF_PASS autolearn=ham version=3.3.2 X-HELO: mail-pa0-f41.google.com Received: from mail-pa0-f41.google.com (HELO mail-pa0-f41.google.com) (209.85.220.41) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with (AES128-SHA encrypted) ESMTPS; Wed, 27 Aug 2014 22:43:16 +0000 Received: by mail-pa0-f41.google.com with SMTP id lj1so48718pab.28 for ; Wed, 27 Aug 2014 15:43:14 -0700 (PDT) X-Received: by 10.68.57.232 with SMTP id l8mr41902695pbq.79.1409179393029; Wed, 27 Aug 2014 15:43:13 -0700 (PDT) Received: from [192.168.1.102] ([223.72.65.23]) by mx.google.com with ESMTPSA id ow8sm1471079pbb.62.2014.08.27.15.43.09 for (version=TLSv1 cipher=RC4-SHA bits=128/128); Wed, 27 Aug 2014 15:43:11 -0700 (PDT) Message-ID: <53FE5EF6.5030003@gmail.com> Date: Wed, 27 Aug 2014 22:43:00 -0000 From: Chen Gang User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130625 Thunderbird/17.0.7 MIME-Version: 1.0 To: jakub@redhat.com, dodji@redhat.com, kcc@google.com, dvyukov@google.com CC: gcc-patches List , Jeff Law Subject: [PATCH] libsanitizer/sanitizer_common/sanitizer_linux_libcdep.cc: Avoid writing '\0' out of string's border Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-SW-Source: 2014-08/txt/msg02523.txt.bz2 'max_len' is the maximized length of 'name', so for writing '\0' to "name[max_len]", it is out of string's border, need use "max_len - 1" instead of. Pass normal test suite: "configure && make && make check && compare", I guess, at present, it is not really used by outside, though. 2014-08-27 Chen Gang * sanitizer_common/sanitizer_linux_libcdep.cc (SanitizerGetThreadName): Avoid writing '\0' out of string's border --- libsanitizer/sanitizer_common/sanitizer_linux_libcdep.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libsanitizer/sanitizer_common/sanitizer_linux_libcdep.cc b/libsanitizer/sanitizer_common/sanitizer_linux_libcdep.cc index e754b26..b9089d5 100644 --- a/libsanitizer/sanitizer_common/sanitizer_linux_libcdep.cc +++ b/libsanitizer/sanitizer_common/sanitizer_linux_libcdep.cc @@ -140,7 +140,7 @@ bool SanitizerGetThreadName(char *name, int max_len) { if (prctl(PR_GET_NAME, (unsigned long)buff, 0, 0, 0)) // NOLINT return false; internal_strncpy(name, buff, max_len); - name[max_len] = 0; + name[max_len - 1] = 0; return true; #else return false; -- 1.9.3