On 5 April 2018 at 18:13, Adam Jackson <[email protected]> wrote: > This threw: > > ../hw/dmx/input/dmxarg.c: In function ‘dmxArgParse’: > ../hw/dmx/input/dmxarg.c:128:5: warning: ‘strncpy’ specified bound depends on > the length of the source argument [-Wstringop-overflow=] > strncpy(tmp, string, len); > ^~~~~~~~~~~~~~~~~~~~~~~~~ > ../hw/dmx/input/dmxarg.c:126:11: note: length computed here > len = strlen(string) + 2; > ^~~~~~~~~~~~~~ > > This code predates xstrtokenize, but that's no excuse. > > Signed-off-by: Adam Jackson <[email protected]> > --- > hw/dmx/input/dmxarg.c | 23 +++++------------------ > 1 file changed, 5 insertions(+), 18 deletions(-) > > diff --git a/hw/dmx/input/dmxarg.c b/hw/dmx/input/dmxarg.c > index 6c21ae959a..582ed3faa6 100644 > --- a/hw/dmx/input/dmxarg.c > +++ b/hw/dmx/input/dmxarg.c > @@ -114,30 +114,17 @@ dmxArgC(dmxArg a) > dmxArg > dmxArgParse(const char *string) > { > - char *tmp; > - char *start, *pt; > + int i = 0; > dmxArg a = dmxArgCreate(); This allocates 2 pointers in a->argv
> - int done; > - int len; > > if (!string) > return a; > > - len = strlen(string) + 2; > - tmp = malloc(len); > - strncpy(tmp, string, len); > + a->argv = (const char **)xstrtokenize(string, ","); ... and here we leak them. I'd just open-code dmxArgCreate, above and remove that function alongside the no longer used dmxArgAdd. -Emil _______________________________________________ [email protected]: X.Org development Archives: http://lists.x.org/archives/xorg-devel Info: https://lists.x.org/mailman/listinfo/xorg-devel
