From: Konstantin Serebryany
Date: Wed, 27 Aug 2014 22:51:00 -0000
Subject: Re: [PATCH] libsanitizer/sanitizer_common/sanitizer_linux_libcdep.cc: Avoid writing '\0' out of string's border
To: Chen Gang
Cc: Jakub Jelinek, Dodji Seketeli, Kostya Serebryany, Dmitry Vyukov, gcc-patches List, Jeff Law

Hi Chen,

as per https://code.google.com/p/address-sanitizer/wiki/HowToContribute
all changes to libsanitizer, even such simple ones, have to go through
the LLVM tree first.

But, what makes you think there is a bug here?
The comment in sanitizer_common/sanitizer_common.h says:
// name should have space for at least max_len+1 bytes.

--kcc

On Wed, Aug 27, 2014 at 3:43 PM, Chen Gang wrote:
> 'max_len' is the maximized length of 'name', so for writing '\0' to
> "name[max_len]", it is out of string's border, need use "max_len - 1"
> instead of.
>
> Pass normal test suite: "configure && make && make check && compare",
> I guess, at present, it is not really used by outside, though.
>
> 2014-08-27 Chen Gang
>
> * sanitizer_common/sanitizer_linux_libcdep.cc
> (SanitizerGetThreadName): Avoid writing '\0' out of string's
> border
> ---
> libsanitizer/sanitizer_common/sanitizer_linux_libcdep.cc | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/libsanitizer/sanitizer_common/sanitizer_linux_libcdep.cc b/libsanitizer/sanitizer_common/sanitizer_linux_libcdep.cc > index e754b26..b9089d5 100644 > --- a/libsanitizer/sanitizer_common/sanitizer_linux_libcdep.cc > +++ b/libsanitizer/sanitizer_common/sanitizer_linux_libcdep.cc > @@ -140,7 +140,7 @@ bool SanitizerGetThreadName(char *name, int max_len) { > if (prctl(PR_GET_NAME, (unsigned long)buff, 0, 0, 0)) // NOLINT > return false; > internal_strncpy(name, buff, max_len); > - name[max_len] = 0; > + name[max_len - 1] = 0; > return true; > #else > return false; > -- > 1.9.3
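
Review bot: the new `name[max_len - 1] = 0;` has no guard on `max_len`, which is a signed `int` in the visible signature, so a call with `max_len == 0` would write to `name[-1]`; the old index did not have that case. The preceding `internal_strncpy(name, buff, max_len);` is unchanged and still copies up to `max_len` bytes, so the terminator now overwrites the last byte that was just copied and a name of exactly `max_len` characters is silently shortened by one. Which index is correct depends on the buffer contract: if callers must supply `max_len + 1` bytes, as the header comment quoted in the reply says, the original line is in bounds and this change is not needed. If the intent is that `max_len` is the full buffer size, change the copy length to match, reject `max_len <= 0` up front, and update the comment at the declaration so the contract is stated in one place.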