This is the mail archive of the
gdb-patches@sourceware.org
mailing list for the GDB project.
Re: [PATCH][PR gdb/16013] Fix off-by-one errors in *scanf format strings
- From: Pedro Alves <palves at redhat dot com>
- To: gdb-patches at sourceware dot org, dcb314 at hotmail dot com
- Date: Mon, 14 Oct 2013 12:25:15 +0100
- Subject: Re: [PATCH][PR gdb/16013] Fix off-by-one errors in *scanf format strings
- References: <20131014105252 dot GA5262 at blade dot nx>
On 10/14/2013 11:52 AM, Gary Benson wrote:
> Hi all,
>
> This patch fixes a number of off-by-one errors in *scanf format
> strings.
These could be fixed by either reducing the length specified
in the format string, or by increasing the buffers. Either
such change would be obvious from a coding perspective. But
the part that requires a rationale is the one that justifies
the approach taken. That will be governed by what the actual
lengths of these fields are on the kernel side. E.g.:
/* sizeof (cmd) should be greater or equal to TASK_COMM_LEN (in
include/linux/sched.h in the Linux kernel sources) plus two
(for the brackets). */
char cmd[32];
PID_T stat_pid;
int items_read = fscanf (fp, "%lld %32s", &stat_pid, cmd);
Did you check the value of TASK_COMM_LEN? (I haven't.)
Same for the other fields.
--
Pedro Alves
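As an added example, not code from the patch or from GDB, here is the arithmetic behind the off-by-one in the fragment quoted above: a `%Ns` conversion stores up to N characters plus a terminating NUL, so the width must be at most `sizeof (buf) - 1`. The token, the stat-style line and the helper names are constructed for this example.

```c
#include <stdio.h>
#include <string.h>

/* Measure how many bytes a "%<width>s" conversion stores.  The token is a
   constructed 48-character string and the destination is deliberately
   oversized, so the count is observed without overflowing anything. */
static size_t bytes_stored_by_width (int width)
{
  const char *token = "0123456789abcdef0123456789abcdef0123456789abcdef";
  char dest[128] = { 0 };
  char fmt[16];

  snprintf (fmt, sizeof fmt, "%%%ds", width);	/* e.g. "%32s" */
  if (sscanf (token, fmt, dest) != 1)
    return 0;
  return strlen (dest) + 1;	/* stored characters plus the NUL */
}

/* The check to apply to each buffer/format pair: a width of N stores up
   to N + 1 bytes, so it only fits a buffer of at least N + 1 bytes. */
static int scanf_width_fits (size_t bufsize, int width)
{
  return width >= 0 && (size_t) width + 1 <= bufsize;
}

/* Same shape as the GDB fragment, but with the width derived from the
   buffer size so the two cannot drift apart: sizeof (cmd) - 1 leaves
   room for the NUL.  Returns the number of items converted. */
#define CMD_LEN 32
static int parse_stat_line (const char *line, long long *pid, char cmd[CMD_LEN])
{
  char fmt[32];

  snprintf (fmt, sizeof fmt, "%%lld %%%zus", (size_t) CMD_LEN - 1); /* "%lld %31s" */
  return sscanf (line, fmt, pid, cmd);
}

/* Constructed /proc/PID/stat-style line whose "(comm)" field is 42
   characters, longer than the buffer, to exercise truncation. */
static const char *SAMPLE_STAT_LINE =
  "4242 (this_comm_is_deliberately_longer_than_31) S 1 4242 4242";

/* Parse the sample and report how many characters landed in cmd. */
static size_t parsed_comm_len (const char *line)
{
  long long pid = 0;
  char cmd[CMD_LEN] = { 0 };

  if (parse_stat_line (line, &pid, cmd) != 2)
    return 0;
  return strlen (cmd);
}
```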