Hi Sun, I think the changes that you are suggesting are an addition to the changes in the submitted patch. If that is the case, then I would rather make them as a separate commit as I have already tested the patch and I know that it fixes the FORTIFY_SOURCE issue.
On Mon, Nov 22, 2010 at 4:13 PM, Sun Chan <sun.c...@gmail.com> wrote: > a most economic way to do that is to use #define like SZ_STR > then afterwards, assert that strlen(msg_str) < SZ_STR > Sun > > On Tue, Nov 23, 2010 at 8:11 AM, Sun Chan <sun.c...@gmail.com> wrote: >> If we are fixing that, we might as well fix potential issues. E.g. >> check for strlen and truncate, use alloca, ... or simply make it twice >> the size (although it still technically is potentially wrong) >> Sun >> >> On Tue, Nov 23, 2010 at 8:04 AM, David Coakley <dcoak...@gmail.com> wrote: >>> Yes, I noticed that the msg_str buffer size seemed small. However, I >>> didn't see any immediate problems and there were no more complaints >>> from the FORTIFY_SOURCE checking so I left it as-is. >>> >>> On Mon, Nov 22, 2010 at 4:53 AM, Sun Chan <sun.c...@gmail.com> wrote: >>>> your msg_str could get out of bound too (not now, but some fixes later on). >>>> Sun >>>> >>>> On Mon, Nov 22, 2010 at 3:31 PM, David Coakley <dcoak...@gmail.com> wrote: >>>>> Recently I tried to build Open64 with gcc-4.5.1 and FORTIFY_SOURCE >>>>> checking turned on. The Fortran frontend would not run at all because >>>>> of a failing buffer overflow check that occurred during command-line >>>>> processing. Although this failure turned out to be a false alarm, it >>>>> was fairly easy to work around. And since the FORTIFY_SOURCE checking >>>>> did uncover some real problems, I thought it was worth making source >>>>> changes to work around the problem rather than turning the checking >>>>> off. >>>>> >>>>> The attached file msg.txt details the changes. >>>>> >>>>> Could a gatekeeper please review the patch? Thanks, >>>>> >>>>> -David Coakley / AMD Open Source Compiler Engineering >>>>> >>>>> ------------------------------------------------------------------------------ >>>>> Beautiful is writing same markup. Internet Explorer 9 supports >>>>> standards for HTML5, CSS3, SVG 1.1, ECMAScript5, and DOM L2 & L3. >>>>> Spend less time writing and rewriting code and more time creating great >>>>> experiences on the web. Be a part of the beta today >>>>> http://p.sf.net/sfu/msIE9-sfdev2dev >>>>> _______________________________________________ >>>>> Open64-devel mailing list >>>>> Open64-devel@lists.sourceforge.net >>>>> https://lists.sourceforge.net/lists/listinfo/open64-devel >>>>> >>>>> >>>> >>> >> > ------------------------------------------------------------------------------ Increase Visibility of Your 3D Game App & Earn a Chance To Win $500! Tap into the largest installed PC base & get more eyes on your game by optimizing for Intel(R) Graphics Technology. Get started today with the Intel(R) Software Partner Program. Five $500 cash prizes are up for grabs. http://p.sf.net/sfu/intelisp-dev2dev _______________________________________________ Open64-devel mailing list Open64-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/open64-devel
