a most economic way to do that is to use #define like SZ_STR then afterwards, assert that strlen(msg_str) < SZ_STR Sun
On Tue, Nov 23, 2010 at 8:11 AM, Sun Chan <sun.c...@gmail.com> wrote: > If we are fixing that, we might as well fix potential issues. E.g. > check for strlen and truncate, use alloca, ... or simply make it twice > the size (although it still technically is potentially wrong) > Sun > > On Tue, Nov 23, 2010 at 8:04 AM, David Coakley <dcoak...@gmail.com> wrote: >> Yes, I noticed that the msg_str buffer size seemed small. However, I >> didn't see any immediate problems and there were no more complaints >> from the FORTIFY_SOURCE checking so I left it as-is. >> >> On Mon, Nov 22, 2010 at 4:53 AM, Sun Chan <sun.c...@gmail.com> wrote: >>> your msg_str could get out of bound too (not now, but some fixes later on). >>> Sun >>> >>> On Mon, Nov 22, 2010 at 3:31 PM, David Coakley <dcoak...@gmail.com> wrote: >>>> Recently I tried to build Open64 with gcc-4.5.1 and FORTIFY_SOURCE >>>> checking turned on. The Fortran frontend would not run at all because >>>> of a failing buffer overflow check that occurred during command-line >>>> processing. Although this failure turned out to be a false alarm, it >>>> was fairly easy to work around. And since the FORTIFY_SOURCE checking >>>> did uncover some real problems, I thought it was worth making source >>>> changes to work around the problem rather than turning the checking >>>> off. >>>> >>>> The attached file msg.txt details the changes. >>>> >>>> Could a gatekeeper please review the patch? Thanks, >>>> >>>> -David Coakley / AMD Open Source Compiler Engineering >>>> >>>> ------------------------------------------------------------------------------ >>>> Beautiful is writing same markup. Internet Explorer 9 supports >>>> standards for HTML5, CSS3, SVG 1.1, ECMAScript5, and DOM L2 & L3. >>>> Spend less time writing and rewriting code and more time creating great >>>> experiences on the web. Be a part of the beta today >>>> http://p.sf.net/sfu/msIE9-sfdev2dev >>>> _______________________________________________ >>>> Open64-devel mailing list >>>> Open64-devel@lists.sourceforge.net >>>> https://lists.sourceforge.net/lists/listinfo/open64-devel >>>> >>>> >>> >> > ------------------------------------------------------------------------------ Increase Visibility of Your 3D Game App & Earn a Chance To Win $500! Tap into the largest installed PC base & get more eyes on your game by optimizing for Intel(R) Graphics Technology. Get started today with the Intel(R) Software Partner Program. Five $500 cash prizes are up for grabs. http://p.sf.net/sfu/intelisp-dev2dev _______________________________________________ Open64-devel mailing list Open64-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/open64-devel
