On Wed, Sep 29, 2010 at 11:57:19PM +0200, Lubomir Rintel wrote:
> Ridiculously high -s arguments could trigger an integer overflow and
> result in less memory allocated than desired and in turn a heap overflow
> and crash. Or at least annoy valgrind:

This is the "garbage in, garbage out" principle in action: if you specify
an invalid argument to -s, it is not surprising that you get an invalid
result. If you really want a foolproof handling of command line
arguments, you'd also have to replace atoi(3) calls with something more
appropriate, most likely with a wrapper around strtol(3), e.g.
http://git.altlinux.org/people/ldv/packages/?p=popa3d.git;a=blob;f=popa3d/protocol.c#l163

> -	if (!outstr)
> +	if (!outstr && (INT_MAX - sizeof "\"...\"") / 4 > max_strlen)
> 		outstr = malloc(4 * max_strlen + sizeof "\"...\"");

I'd prefer to check the argument that is going to be passed to malloc(3).
For example,

	if (!outstr) {
		size_t malloc_size = 4 * max_strlen + sizeof "\"...\"";
		if (malloc_size >= sizeof "\"...\"" &&
		    (malloc_size - sizeof "\"...\"") / 4 == max_strlen)
			outstr = malloc(malloc_size);
	}

-- 
ldv
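Review bot: the guard in the `+` line only bounds max_strlen from above; if max_strlen is a signed int (and atoi(3) happily returns -1 for "-1"), a negative value still satisfies `(INT_MAX - sizeof "\"...\"") / 4 > max_strlen`, and because sizeof yields size_t the sum `4 * max_strlen + sizeof "\"...\""` is converted to an unsigned, wrapped and unintended allocation size. Suggest rejecting negative -s values where the option is parsed, and doing the multiplication in size_t rather than int so the arithmetic is well-defined before any range check is applied.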
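The two ways of guarding the allocation discussed in this thread, worked through as an added example that is neither strace's nor ldv's code: a strtol(3)-based replacement for the atoi(3) call on -s that rejects junk and negative values, the "reverse the arithmetic" post-check from the reply, and the equivalent pre-check against a computed limit. The SUFFIX literal mirrors the `"\"...\""` from the patch; the function names and the probe values are my own.

```c
/* Added example, not strace's or ldv's code: overflow-safe sizing of the
 * outstr buffer discussed in the thread.  SUFFIX mirrors the "\"...\""
 * literal from the patch; the function names are mine. */
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define SUFFIX "\"...\""          /* sizeof SUFFIX == 6, NUL included */

/* Largest max_strlen for which 4 * max_strlen + sizeof SUFFIX fits in size_t. */
#define MAX_STRLEN_LIMIT ((SIZE_MAX - sizeof SUFFIX) / 4)

/* strtol(3)-based replacement for atoi(3) on the -s argument.
 * Returns the value, or -1 if the text is not a clean non-negative
 * decimal number that stays within MAX_STRLEN_LIMIT. */
static long parsed_strlen(const char *arg)
{
    char *end;
    errno = 0;
    long v = strtol(arg, &end, 10);
    if (end == arg || *end != '\0' || errno == ERANGE)
        return -1;                  /* junk, trailing garbage, or out of long range */
    if (v < 0 || (unsigned long)v > MAX_STRLEN_LIMIT)
        return -1;                  /* negative, or would overflow the size computation */
    return v;
}

/* Pre-check form: refuse before doing the arithmetic.  Returns 0 when the
 * size would not fit; 0 is never a valid result because of the suffix. */
static size_t outstr_size_prechecked(size_t max_strlen)
{
    if (max_strlen > MAX_STRLEN_LIMIT)
        return 0;
    return 4 * max_strlen + sizeof SUFFIX;
}

/* Post-check form from the reply: do the (wrapping) unsigned arithmetic,
 * then verify it can be reversed exactly.  Same contract as above. */
static size_t outstr_size_postchecked(size_t max_strlen)
{
    size_t n = 4 * max_strlen + sizeof SUFFIX;
    if (n >= sizeof SUFFIX && (n - sizeof SUFFIX) / 4 == max_strlen)
        return n;
    return 0;
}

/* Allocate the buffer the way the guarded malloc in the thread does,
 * returning NULL instead of a too-small block when the size is bogus. */
static char *alloc_outstr(size_t max_strlen)
{
    size_t n = outstr_size_postchecked(max_strlen);
    return n ? malloc(n) : NULL;
}

/* Boundary check that the two forms agree; returns true if they do on every probe. */
static bool forms_agree(void)
{
    const size_t probes[] = { 0, 32, 4096, MAX_STRLEN_LIMIT - 1, MAX_STRLEN_LIMIT,
                              MAX_STRLEN_LIMIT + 1, SIZE_MAX / 2, SIZE_MAX };
    for (size_t i = 0; i < sizeof probes / sizeof probes[0]; i++)
        if (outstr_size_prechecked(probes[i]) != outstr_size_postchecked(probes[i]))
            return false;
    return true;
}

int main(int argc, char **argv)
{
    const char *arg = argc > 1 ? argv[1] : "32";   /* constructed default -s value */
    long v = parsed_strlen(arg);
    if (v < 0) {
        fprintf(stderr, "invalid -s argument: %s\n", arg);
        return 1;
    }
    char *outstr = alloc_outstr((size_t)v);
    printf("-s %ld -> buffer of %zu bytes at %p\n", v,
           outstr_size_prechecked((size_t)v), (void *)outstr);
    free(outstr);
    return 0;
}
```

The post-check relies on unsigned arithmetic being defined to wrap, which is why the size is computed in size_t before anything is multiplied; the pre-check expresses the same limit as a single comparison and is easier to reason about when the bound is also needed at option-parsing time.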
_______________________________________________
Strace-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/strace-devel
