
Re: [patch] possible memory overflow in vim7/src/GvimExt/gvimext.cpp

  • Bram Moolenaar
    Message 1 of 2 , Jul 27, 2009
      Dominique Pelle wrote:

      > Trying the static analyzer 'cppcheck-1.34' on Vim source code,
      > I saw the following warning:
      >
      > [./GvimExt/gvimext.cpp:638]: (all) Dangerous usage of strncat. Tip:
      > the 3rd parameter means maximum number of characters to append
      >
      > Code in vim7/src/gvimext.cpp is:
      >
      > 623 char temp[BUFSIZE];
      > ...
      > 637 strncpy(temp, _("Edit with existing Vim - "), BUFSIZE - 1);
      > 638 strncat(temp, title, BUFSIZE - 1);
      >
      > Code is incorrect indeed: strncat() may overflow temp buffer.
      >
      > Attached patch fixes it.

      Thanks. These C string functions are tricky.

      --
      hundred-and-one symptoms of being an internet addict:
      110. You actually volunteer to become your employer's webmaster.

      /// Bram Moolenaar -- Bram@... -- http://www.Moolenaar.net \\\
      /// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
      \\\ download, build and distribute -- http://www.A-A-P.org ///
      \\\ help me help AIDS victims -- http://ICCF-Holland.org ///

      --~--~---------~--~----~------------~-------~--~----~
      You received this message from the "vim_dev" maillist.
      For more information, visit http://www.vim.org/maillist.php
      -~----------~----~----~----~------~----~------~--~---
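
The cppcheck warning quoted above, worked through as an added example. This is not the patch attached to the thread (it is not shown on this page) and not Vim's code; `BUFSIZE` is set to a constructed small value, and `size_needed_by_quoted_pattern` and `join_bounded` are hypothetical names.

```c
#include <stdio.h>
#include <string.h>

#define BUFSIZE 16 /* constructed small value; the real BUFSIZE is not shown on the page */

/* Buffer size the quoted pattern needs, computed without overflowing anything:
 *   strncpy(temp, prefix, BUFSIZE - 1); strncat(temp, title, BUFSIZE - 1);
 * Assumes temp is terminated after the strncpy. strncat's third argument
 * caps the appended characters only, and a NUL is written after them. */
size_t size_needed_by_quoted_pattern(const char *prefix, const char *title)
{
    size_t plen = strlen(prefix), tlen = strlen(title);
    if (plen > BUFSIZE - 1) plen = BUFSIZE - 1;
    if (tlen > BUFSIZE - 1) tlen = BUFSIZE - 1;
    return plen + tlen + 1;
}

/* Hypothetical helper: bounded join. Returns 1 if the result was truncated. */
int join_bounded(char *dst, size_t dstsize, const char *prefix, const char *title)
{
    size_t used;
    if (dstsize == 0)
        return 1;
    strncpy(dst, prefix, dstsize - 1);
    dst[dstsize - 1] = '\0';            /* strncpy does not terminate on truncation */
    used = strlen(dst);
    strncat(dst, title, dstsize - used - 1); /* space left, minus the NUL */
    return strlen(prefix) + strlen(title) > dstsize - 1;
}

int main(void)
{
    char temp[BUFSIZE];
    const char *prefix = "Edit with - ";        /* constructed sample input */
    const char *title = "a_long_file_name.txt"; /* constructed sample input */
    printf("quoted pattern needs %zu bytes, buffer has %d\n",
           size_needed_by_quoted_pattern(prefix, title), BUFSIZE);
    printf("bounded: truncated=%d, \"%s\"\n",
           join_bounded(temp, sizeof(temp), prefix, title), temp);
    return 0;
}
```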