This is the mail archive of the gdb-patches@sourceware.org mailing list for the GDB project.



Re: [PATCH][PR gdb/16013] Fix off-by-one errors in *scanf format strings


On 10/14/2013 11:52 AM, Gary Benson wrote:
> Hi all,
> 
> This patch fixes a number of off-by-one errors in *scanf format
> strings.

These could be fixed either by reducing the length specified
in the format string, or by increasing the buffers.  Either
such change would be obvious from a coding perspective.  But
the part that requires a rationale is the one that justifies
the approach taken.  That will be governed by what the actual lengths
of these fields are on the kernel side.  E.g.:

      /* sizeof (cmd) should be greater or equal to TASK_COMM_LEN (in
	 include/linux/sched.h in the Linux kernel sources) plus two
	 (for the brackets).  */
      char cmd[32];
      PID_T stat_pid;
      int items_read = fscanf (fp, "%lld %32s", &stat_pid, cmd);

Did you check the value of TASK_COMM_LEN?  (I haven't.)

Same for the other fields.

-- 
Pedro Alves
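The off-by-one under discussion is that a "%Ns" conversion stores up to N characters and then a terminating NUL, so "%32s" into char cmd[32] can write 33 bytes. The following is an added example, not gdb code and not part of the patch or the thread: it measures the bytes each width actually writes (into a deliberately oversized scratch buffer, so the measurement itself stays in bounds), ties the width to the buffer size at compile time, and parses a constructed "<pid> <comm>" line. CMD_SIZE, CMD_WIDTH, LONG_TOKEN and the helper names are assumptions of this example; nothing here depends on the value of TASK_COMM_LEN, which the thread leaves unchecked.

```c
#include <stdio.h>
#include <string.h>

/* Added example, not gdb code.  A "%Ns" conversion stores up to N
   characters PLUS a terminating NUL, so a buffer of B bytes can only
   take a width of B - 1.  The quoted snippet pairs char cmd[32] with
   "%32s", which is one byte too many on a long enough input.  */

#define CMD_SIZE  32          /* buffer size, as in the quoted snippet */
#define CMD_WIDTH 31          /* the largest width that fits CMD_SIZE */

/* Turn a numeric macro into a string so the width lives in one place.  */
#define STR_(x) #x
#define STR(x)  STR_(x)

/* Caught at compile time if someone changes one constant but not the other.  */
_Static_assert (CMD_WIDTH + 1 == CMD_SIZE,
                "scanf width must be buffer size minus one");

/* Does a %Ns width fit a buffer of buf_size bytes?  1 = yes, 0 = no.  */
static int
width_fits_buffer (int width, size_t buf_size)
{
  return width >= 0 && (size_t) width + 1 <= buf_size;
}

/* Constructed input: a 40-character token, longer than any width here.  */
#define LONG_TOKEN "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"

/* Measure how many bytes a "%<width>s" conversion actually writes when
   the input is longer than the width.  The 128-byte scratch buffer is
   large enough that this measurement never overflows anything.  */
static size_t
bytes_written_for_width (int width)
{
  char scratch[128];
  char fmt[16];
  memset (scratch, 0, sizeof scratch);
  snprintf (fmt, sizeof fmt, "%%%ds", width);   /* e.g. "%32s" */
  if (sscanf (LONG_TOKEN, fmt, scratch) != 1)
    return 0;
  return strlen (scratch) + 1;                  /* characters + NUL */
}

/* Parse "<pid> <comm>" the way the quoted snippet does, but with the
   width derived from CMD_SIZE instead of typed by hand.  Returns the
   number of items sscanf converted.  */
static int
parse_stat_line (const char *line, long long *pid, char cmd[CMD_SIZE])
{
  return sscanf (line, "%lld %" STR (CMD_WIDTH) "s", pid, cmd);
}

int
main (void)
{
  long long pid;
  char cmd[CMD_SIZE];

  printf ("%%32s writes %zu bytes, %%31s writes %zu bytes, buffer is %d\n",
          bytes_written_for_width (32), bytes_written_for_width (31),
          CMD_SIZE);

  if (parse_stat_line ("42 " LONG_TOKEN, &pid, cmd) == 2)
    printf ("pid=%lld cmd=\"%s\" (%zu chars kept, rest dropped)\n",
            pid, cmd, strlen (cmd));
  return 0;
}
```

Whichever way the patch resolves it (smaller width or bigger buffer), the _Static_assert pattern keeps the two constants from drifting apart again, and bytes_written_for_width is a quick way to confirm a given format/buffer pair during review without running the real code on a real /proc file.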

