This is the mail archive of the binutils@sourceware.org mailing list for the binutils project.
Re: [PATCH] Buffer overrun in objcopy
- From: Tristan Gingold <gingold at adacore dot com>
- To: Eirik Byrkjeflot Anonsen <eirik at opera dot com>
- Cc: binutils at sourceware dot org
- Date: Fri, 18 Dec 2009 15:15:29 +0100
- Subject: Re: [PATCH] Buffer overrun in objcopy
- References: <87skb82x44.fsf@opera.com>
On Dec 18, 2009, at 3:08 PM, Eirik Byrkjeflot Anonsen wrote:
> Using objcopy from binutils 2.20.
>
> When using objcopy to rename symbols using add_redefine_syms_file(), if
> one of the source symbols is exactly 99 characters, the input buffer
> will be overrun (by the first character in the target symbol). The
> attached patch copies the buffer resize code to the two places in this
> function where I think it could potentially be a problem.
Good catch. However, I think it would be simpler to just allocate bufsize + 1 bytes.
(I also think that this should go into the branch).
Tristan.
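The off-by-one discussed in this thread, as an added example that is not part of the original messages and is not the objcopy source: a constructed model of a reader that stores a byte and only afterwards checks whether to grow, with an unchecked terminator written between the two names. The initial size of 100 (inferred from the 99-character case), the function names and the `slack` parameter are assumptions; out-of-bounds stores are counted rather than performed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Store c at buf[*len] if inside the allocation; otherwise only count it. */
static void put(char *buf, size_t alloc, size_t *len, char c, size_t *oob)
{
    if (*len < alloc) buf[*len] = c; else (*oob)++;
    (*len)++;
}

/* Read "source target" from line. Logical size is bufsize; bufsize + slack
   bytes are allocated (slack = 0: plain model, slack = 1: one spare byte).
   Returns the number of stores that fall outside the allocation. */
size_t count_oob(const char *line, size_t bufsize, size_t slack)
{
    char *buf = malloc(bufsize + slack);
    size_t len = 0, oob = 0;
    if (!buf) abort();
    for (int tok = 0; tok < 2; tok++) {
        while (*line == ' ') line++;
        while (*line && *line != ' ') {
            put(buf, bufsize + slack, &len, *line++, &oob);
            if (len >= bufsize) {          /* grow check runs after the store */
                bufsize *= 2;
                buf = realloc(buf, bufsize + slack);
                if (!buf) abort();
            }
        }
        put(buf, bufsize + slack, &len, '\0', &oob); /* no grow check here */
    }
    free(buf);
    return oob;
}

/* Constructed input: a source name of n 'A' characters, then "new_name". */
size_t oob_for_source_len(size_t n, size_t slack)
{
    char line[512];
    if (n > 400) abort();
    memset(line, 'A', n);
    strcpy(line + n, " new_name");
    return count_oob(line, 100, slack);
}

int main(void)
{
    for (size_t n = 98; n <= 100; n++)
        printf("len %zu: %zu out of bounds, %zu with a spare byte\n",
               n, oob_for_source_len(n, 0), oob_for_source_len(n, 1));
    return 0;
}
```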