If we are fixing that, we might as well fix potential issues. E.g. check for strlen and truncate, use alloca, ... or simply make it twice the size (although it still technically is potentially wrong) Sun
On Tue, Nov 23, 2010 at 8:04 AM, David Coakley <dcoak...@gmail.com> wrote: > Yes, I noticed that the msg_str buffer size seemed small. However, I > didn't see any immediate problems and there were no more complaints > from the FORTIFY_SOURCE checking so I left it as-is. > > On Mon, Nov 22, 2010 at 4:53 AM, Sun Chan <sun.c...@gmail.com> wrote: >> your msg_str could get out of bound too (not now, but some fixes later on). >> Sun >> >> On Mon, Nov 22, 2010 at 3:31 PM, David Coakley <dcoak...@gmail.com> wrote: >>> Recently I tried to build Open64 with gcc-4.5.1 and FORTIFY_SOURCE >>> checking turned on. The Fortran frontend would not run at all because >>> of a failing buffer overflow check that occurred during command-line >>> processing. Although this failure turned out to be a false alarm, it >>> was fairly easy to work around. And since the FORTIFY_SOURCE checking >>> did uncover some real problems, I thought it was worth making source >>> changes to work around the problem rather than turning the checking >>> off. >>> >>> The attached file msg.txt details the changes. >>> >>> Could a gatekeeper please review the patch? Thanks, >>> >>> -David Coakley / AMD Open Source Compiler Engineering >>> >>> ------------------------------------------------------------------------------ >>> Beautiful is writing same markup. Internet Explorer 9 supports >>> standards for HTML5, CSS3, SVG 1.1, ECMAScript5, and DOM L2 & L3. >>> Spend less time writing and rewriting code and more time creating great >>> experiences on the web. Be a part of the beta today >>> http://p.sf.net/sfu/msIE9-sfdev2dev >>> _______________________________________________ >>> Open64-devel mailing list >>> Open64-devel@lists.sourceforge.net >>> https://lists.sourceforge.net/lists/listinfo/open64-devel >>> >>> >> > ------------------------------------------------------------------------------ Increase Visibility of Your 3D Game App & Earn a Chance To Win $500! Tap into the largest installed PC base & get more eyes on your game by optimizing for Intel(R) Graphics Technology. Get started today with the Intel(R) Software Partner Program. Five $500 cash prizes are up for grabs. http://p.sf.net/sfu/intelisp-dev2dev _______________________________________________ Open64-devel mailing list Open64-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/open64-devel
