https://bugs.kde.org/show_bug.cgi?id=401284

Mark Wielaard <m...@klomp.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |m...@klomp.org

--- Comment #2 from Mark Wielaard <m...@klomp.org> ---
I do think this is somewhat questionable. You could see it as if strncat copies
over the trailing zero terminator from the source to the destination. In which
case there is overlap. If you insist that zero terminator isn't being copied,
but a new zero terminator is added to the destination after n chars of the
original have been copied, then the following should fix it:

diff --git a/shared/vg_replace_strmem.c b/shared/vg_replace_strmem.c
index 79e640189..8dd5b6368 100644
--- a/shared/vg_replace_strmem.c
+++ b/shared/vg_replace_strmem.c
@@ -370,7 +370,7 @@ static inline void my_exit ( int x )
       if (is_overlap(dst_orig,  \
                      src_orig,  \
                      (Addr)dst-(Addr)dst_orig+1, \
-                     (Addr)src-(Addr)src_orig+1)) \
+                     n)) \
          RECORD_OVERLAP_ERROR("strncat", dst_orig, src_orig, n); \
       \
       return dst_orig; \
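Review bot: in the is_overlap call, `n` is the caller's upper bound, not the number of source bytes consumed, so when the source string is shorter than n the source range passed here extends past its terminator and can report an overlap with memory strncat never reads. The removed expression `(Addr)src-(Addr)src_orig+1` followed how far src had advanced; consider keeping that pointer difference and adding 1 only when the terminator was reached before n characters were copied.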

Note that we also intercept strlcat. But there you give the size of the dst
buffer, which should include space for the terminator. So there this kind of
concat would always be considered an overlap.
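
The two readings of strncat described in this comment, modelled as byte ranges. This is an added example, not Valgrind's code and not part of the original comment; `ranges_overlap`, `strncat_flagged` and the sample buffers are hypothetical. It compares the pre-patch source length, the patched `n`, and the bytes strncat actually reads, and goes beyond the comment by also covering a source shorter than `n`.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* How many source bytes the overlap check attributes to strncat. */
enum src_model {
    SRC_COPIED_PLUS_ONE, /* pre-patch: chars copied + terminator */
    SRC_N,               /* patched: the caller's bound n */
    SRC_BYTES_READ       /* terminator counted only if reached before n */
};

/* Do [a, a+alen) and [b, b+blen) share a byte? (hypothetical helper) */
static int ranges_overlap(size_t a, size_t alen, size_t b, size_t blen)
{
    return alen != 0 && blen != 0 && a < b + blen && b < a + alen;
}

/* Would strncat(buf + dst_off, buf + src_off, n) be reported as overlapping
   under the given model? Nothing is copied; only the ranges are computed. */
static int strncat_flagged(const char *buf, size_t dst_off, size_t src_off,
                           size_t n, enum src_model model)
{
    size_t dlen = strlen(buf + dst_off);
    size_t m = 0;                       /* chars strncat would copy */
    while (m < n && buf[src_off + m] != '\0')
        m++;
    size_t dst_len = dlen + m + 1;      /* old string + copied chars + new NUL */
    size_t src_len;
    switch (model) {
    case SRC_COPIED_PLUS_ONE: src_len = m + 1; break;
    case SRC_N:               src_len = n; break;
    default:                  src_len = m + (m < n ? 1 : 0); break;
    }
    return ranges_overlap(dst_off, dst_len, src_off, src_len);
}

/* Constructed inputs: both buffers are zero-filled after the literal. */
static const char adjacent[16] = "abc"; /* src "abc" at 0, empty dst at 3 */
static const char shorter[16]  = "hi";  /* src "hi" at 0, empty dst at 3 */

int main(void)
{
    for (int model = SRC_COPIED_PLUS_ONE; model <= SRC_BYTES_READ; model++)
        printf("model %d: adjacent,n=3 -> %d  shorter,n=8 -> %d\n", model,
               strncat_flagged(adjacent, 3, 0, 3, (enum src_model)model),
               strncat_flagged(shorter, 3, 0, 8, (enum src_model)model));
    return 0;
}
```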
