Re: [PATCH] ftsfind.c: avoid buffer overflow in -D code

bug-findutils

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] ftsfind.c: avoid buffer overflow in -D code

From:	Jim Meyering
Subject:	Re: [PATCH] ftsfind.c: avoid buffer overflow in -D code
Date:	Mon, 9 Jul 2018 08:23:21 -0700

On Mon, Jul 9, 2018 at 5:57 AM, Bernhard Voelker
<address@hidden> wrote:
> On 07/08/2018 06:19 AM, Jim Meyering wrote:
>> On Sat, Jul 7, 2018 at 4:13 PM, Bernhard Voelker
>> <address@hidden> wrote:
>>> -  static char buf[10];
>>> +  static char buf[14];
>>
>> Or maybe this, since you already use the intprops module, just add
>> this somewhere prior: #include "intprops.h"
>>
>>   static char buf[1 + INT_BUFSIZE_BOUND (info) + 1];
>
> Even better, thanks!
> I wrapped that into the attached patch in your name ... pushing soon.

Thanks. Actually, we must not rely on it being already available due
to a transitive dependency.
Instead, I suggest to make the dependency on this gnulib module
explicit by adding its name to bootstrap.conf:

also-add-intprops-dep.diff
Description: Binary data

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH] ftsfind.c: avoid buffer overflow in -D code, Bernhard Voelker, 2018/07/07
- Re: [PATCH] ftsfind.c: avoid buffer overflow in -D code, Jim Meyering, 2018/07/08
  - Re: [PATCH] ftsfind.c: avoid buffer overflow in -D code, Bernhard Voelker, 2018/07/09
    - Re: [PATCH] ftsfind.c: avoid buffer overflow in -D code, Jim Meyering <=
    - Re: [PATCH] ftsfind.c: avoid buffer overflow in -D code, Bernhard Voelker, 2018/07/09

Prev by Date: Re: [PATCH] ftsfind.c: avoid buffer overflow in -D code
Next by Date: Re: [PATCH] ftsfind.c: avoid buffer overflow in -D code
Previous by thread: Re: [PATCH] ftsfind.c: avoid buffer overflow in -D code
Next by thread: Re: [PATCH] ftsfind.c: avoid buffer overflow in -D code
Index(es):
- Date
- Thread