Hi Ben, I agree that code is not particularly elegent.
I will have a think about the buffer overrun issue and see if anything needs to
be
changed. Thanks for mentioning it.
John
On Mon, May 15, 2017 at 09:05:52PM -0700, Ben Pfaff wrote:
Hi John, there's some code in next_matrix_from_reader() in
src/language/data-io/matrix-reader.c that's concerning me a little:
const int w = var_get_width (mr->varname);
char s[w];
memset (s, 0, w);
const char *name = var_get_name (vars[i]);
strcpy (s, name);
unsigned long h = hash_bytes (s, w, 0);
table[i] = h;
At least without looking further, it's hard to see that 'w' is long
enough to hold the whole length of 'name', plus a null terminator. Is
there something that guarantees this?
(My attention was drawn here by a GCC warning about strcpy() into a
uint8_t array, but I fixed that by changing s[] from uint8_t to char.)
Thanks,
Ben.
--
Avoid eavesdropping. Send strong encrypted email.
PGP Public key ID: 1024D/2DE827B3
fingerprint = 8797 A26D 0854 2EAB 0285 A290 8A67 719C 2DE8 27B3
See http://sks-keyservers.net or any PGP keyserver for public key.
signature.asc
Description: Digital signature
_______________________________________________ pspp-dev mailing list [email protected] https://lists.gnu.org/mailman/listinfo/pspp-dev
