[Kaffe] could this buffer overflow?

Moses DeJong dejong at cs.umn.edu
Fri Feb 5 15:18:39 PST 1999


On Fri, 5 Feb 1999, Godmar Back wrote:

> Along those lines, it appears that the best way of fixing the sprintf
> is to KMALLOC a buffer large enough and sprintf into it, as is done
> in external.c:native.

Ok, how about this on top of my last patch. Would that work correctly?
Does KMALLOC() work just like malloc() except for the signals thing?
I noticed some code in other places where KMALLOC() is used but the
memory is never KFREE()ed. I assume those were errors.

mo


--- copy_stackTrace.c   Fri Feb  5 16:17:07 1999
+++ stackTrace.c        Fri Feb  5 17:14:49 1999
@@ -120,7 +120,9 @@
                                }
                        }
 
-                       class_dot_name = strdup(CLASS_CNAME(meth->class));
+                       tmp = CLASS_CNAME(meth->class);
+                       class_dot_name = KMALLOC(strlen(tmp) + 1);
+                       strcpy(class_dot_name,tmp);
                        assert(class_dot_name != NULL);
                        /* change '/' to '.' in the class name */
                        tmp = class_dot_name;
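Review bot: the `assert(class_dot_name != NULL)` now sits after the `strcpy(class_dot_name,tmp)` line, so a NULL return from KMALLOC would be dereferenced before the check fires; move the `strcpy` below the assert, and since asserts are compiled out with NDEBUG, prefer an explicit NULL check that fails cleanly rather than relying on the assert alone. The `strlen(tmp) + 1` allocation is the right size for the copy, and reusing `tmp` for `class_dot_name` afterwards is fine because it is reassigned before the `/`-to-`.` loop.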
@@ -144,7 +146,7 @@
                                        CLASS_SOURCEFILE(meth->class),
                                        linenr);
                        }
-                       free(class_dot_name);
+                       KFREE(class_dot_name);
                        len = strlen(buf);
                        str = newArray(TYPE_CLASS(TYPE_Char), len);
                        cptr = (jchar*)OBJARRAY_DATA(str);
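Review bot: swapping `free` for `KFREE` correctly pairs the release with the KMALLOC in the earlier hunk, but the call whose trailing arguments (`CLASS_SOURCEFILE(meth->class)`, `linenr`) are visible at the top of this hunk still writes into `buf`, whose size is not shown here; if that is the sprintf Godmar is referring to, this patch does not yet size it dynamically, so a long class or source-file name could still exceed the buffer. Consider either computing the needed length and KMALLOCing `buf` the same way, or using a bounded formatting call.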