This is the mail archive of the
systemtap@sourceware.org
mailing list for the systemtap project.
bug in src/tapset/string.stp
- From: Jonathan Brassow <jbrassow at redhat dot com>
- To: systemtap at sources dot redhat dot com
- Date: Fri, 18 Aug 2006 16:34:30 +0000
- Subject: bug in src/tapset/string.stp
The strncpy and following null termination act as though the 'stop'
param is a 'len' param, and thus returns a string that may be longer
than what was asked for.
brassow
Index: src/tapset/string.stp
===================================================================
--- src.orig/tapset/string.stp 2006-07-11 15:38:35.000000000 -0500
+++ src/tapset/string.stp 2006-08-18 11:29:01.000000000 -0500
@@ -27,8 +27,8 @@ function substr:string(str:string,start:
}
else {
char *s=THIS->str;
- strncpy(THIS->__retvalue,s+THIS->start,THIS->stop);
- THIS->__retvalue[THIS->stop]='\0';
+ strncpy(THIS->__retvalue,s+THIS->start,THIS->stop - THIS->start);
+ THIS->__retvalue[THIS->stop - THIS->start]='\0';
}
%}