[Kaffe] could this buffer overflow?
Maxim Kizub
max at immsp.kiev.ua
Fri Feb 5 18:03:46 PST 1999
Hello
I think the better solution would be the usage of
alloca, like
char *buf =
alloca(strlen(CLASS_CNAME(meth->class))+strlen(meth->name->data)+...+N);
sprintf(buf,...);
The only problem is that there were talks here
that there are some problems with alloca?
Doesn't it exist for all compilers? Or there
may exist some problems with threads?
Maybe, code like
#ifdef USE_ALLOCA
char *buf = alloca(...);
#else
char buf[200];
#endif
or better
#define ALLOCATE_BUF(SIZE) char *buf = alloca(SIZE);
for most of platforms, and
#define ALLOCATE_BUF(SIZE) char buf[200];
for those that lack alloca,
will help to avoid the unchecked buffer problems
for most compilers/platforms?
Moses DeJong wrote:
>
> I was looking at some code in stackTrace.c in the function
> printStackTrace() when I noticed this.
>
> char buf[200];
>
> ..
>
> sprintf(buf, "\tat %.80s.%.80s(%s:%d)",
> CLASS_CNAME(meth->class),
> meth->name->data,
> CLASS_SOURCEFILE(meth->class),
> linenr);
>
> Is it just me or does it seem like this buffer could overflow if
> the CLASS_SOURCEFILE name is longer than 30 chars?
>
> Why not use snprintf so?
>
> snprintf(buf, 200, ...
>
> Mo DeJong
> dejong at cs.umn.edu
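The thread compares a fixed 200-byte buffer filled by sprintf() against a bounded snprintf() and an exact-size allocation. The following is an added example, not code from Kaffe's stackTrace.c: it keeps the format string quoted above, replaces the Kaffe method structure with a hypothetical struct method_info (class_name, method_name, source_file, linenr are assumed names), and shows how to tell when the 200-byte buffer would have been overrun, what snprintf() does instead (truncates and reports the full length), and how to size a heap buffer exactly by measuring with snprintf(NULL, 0, ...).

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for Kaffe's method descriptor (constructed for this
 * example). The fields mirror what CLASS_CNAME(meth->class), meth->name->data
 * and CLASS_SOURCEFILE(meth->class) would yield in the quoted code. */
struct method_info {
    const char *class_name;
    const char *method_name;
    const char *source_file;
    int linenr;
};

/* Size of the fixed buffer in the quoted printStackTrace() code. */
#define TRACE_BUF 200

/* The format string from the original code, unchanged. */
static const char *const TRACE_FMT = "\tat %.80s.%.80s(%s:%d)";

/* Bounded version: writes at most buflen-1 characters plus a NUL.
 * Returns the length the complete line would have had; a return value
 * >= buflen means the output was truncated rather than overflowed. */
int format_trace_line(char *buf, size_t buflen, const struct method_info *m)
{
    return snprintf(buf, buflen, TRACE_FMT,
                    m->class_name, m->method_name, m->source_file, m->linenr);
}

/* Exact-size version: measure first, then allocate. The caller frees. */
char *format_trace_line_alloc(const struct method_info *m)
{
    int need = snprintf(NULL, 0, TRACE_FMT,
                        m->class_name, m->method_name, m->source_file, m->linenr);
    if (need < 0)
        return NULL;
    char *out = malloc((size_t)need + 1);
    if (out == NULL)
        return NULL;
    snprintf(out, (size_t)need + 1, TRACE_FMT,
             m->class_name, m->method_name, m->source_file, m->linenr);
    return out;
}

/* 1 if a char buf[TRACE_BUF] filled with the original sprintf() call would be
 * written past its end for this method (need + NUL > TRACE_BUF), else 0. */
int would_overflow_fixed_buf(const struct method_info *m)
{
    int need = snprintf(NULL, 0, TRACE_FMT,
                        m->class_name, m->method_name, m->source_file, m->linenr);
    return need >= TRACE_BUF;
}

/* Length actually stored when formatting into the 200-byte buffer with snprintf(). */
int fixed_buf_result_len(const struct method_info *m)
{
    char buf[TRACE_BUF];
    format_trace_line(buf, sizeof buf, m);
    return (int)strlen(buf);
}

/* Length stored by the exact-size allocation (-1 on allocation failure). */
int exact_alloc_len(const struct method_info *m)
{
    char *s = format_trace_line_alloc(m);
    if (s == NULL)
        return -1;
    int len = (int)strlen(s);
    free(s);
    return len;
}

/* Constructed sample data (not real Kaffe class names): a 20-char class name,
 * a 20-char method name, line 42, and a source file name of either 12 or 150
 * characters. With the long name the full line is exactly 200 characters,
 * which needs 201 bytes including the NUL. */
const struct method_info *sample_method(int long_source_file)
{
    static char klass[21], method[21], file[151];
    static struct method_info m;
    size_t flen = long_source_file ? 150 : 12;
    memset(klass, 'C', 20);  klass[20] = '\0';
    memset(method, 'm', 20); method[20] = '\0';
    memset(file, 'f', flen); file[flen] = '\0';
    m.class_name = klass;
    m.method_name = method;
    m.source_file = file;
    m.linenr = 42;
    return &m;
}

int main(void)
{
    const struct method_info *m = sample_method(1);
    printf("fixed buffer would overflow: %d\n", would_overflow_fixed_buf(m));
    printf("snprintf into 200 bytes stores %d chars\n", fixed_buf_result_len(m));
    printf("exact allocation stores %d chars\n", exact_alloc_len(m));
    return 0;
}
```

Note that %.80s caps only the class and method names; the source file name and line number are unbounded, so the fixed buffer's headroom depends entirely on them, which is the case Mo describes.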