diff options
| author | Kaveh R. Ghazi <ghazi@caip.rutgers.edu> | 2000-05-17 14:43:50 +0000 |
|---|---|---|
| committer | Kaveh Ghazi <ghazi@gcc.gnu.org> | 2000-05-17 14:43:50 +0000 |
| commit | 558fe506b500039a488681a56d616a71a733e795 (patch) | |
| tree | 1f7682065e552b701a88411e15b3c967fa957715 /gcc | |
| parent | 6f6ceed067f961614a880bc4ac4e0d72a4e89a1d (diff) | |
| download | gcc-558fe506b500039a488681a56d616a71a733e795.zip gcc-558fe506b500039a488681a56d616a71a733e795.tar.gz gcc-558fe506b500039a488681a56d616a71a733e795.tar.bz2 | |
fixfixes.c (char_macro_use_fix, [...]): Don't check the return value of sprintf.
* fixinc/fixfixes.c (char_macro_use_fix, char_macro_def_fix):
Don't check the return value of sprintf. Use asprintf to avoid
buffer overflows.
From-SVN: r33955
Diffstat (limited to 'gcc')
| -rw-r--r-- | gcc/ChangeLog | 6 | ||||
| -rw-r--r-- | gcc/fixinc/fixfixes.c | 23 |
2 files changed, 20 insertions, 9 deletions
diff --git a/gcc/ChangeLog b/gcc/ChangeLog index 1e597c4..b0b621d 100644 --- a/gcc/ChangeLog +++ b/gcc/ChangeLog @@ -1,3 +1,9 @@ +2000-05-17 Kaveh R. Ghazi <ghazi@caip.rutgers.edu> + + * fixinc/fixfixes.c (char_macro_use_fix, char_macro_def_fix): + Don't check the return value of sprintf. Use asprintf to avoid + buffer overflows. + Wed May 17 17:27:44 2000 Andrew Cagney <cagney@b1.cygnus.com> * flags.h (warn_unused_function, warn_unused_label, diff --git a/gcc/fixinc/fixfixes.c b/gcc/fixinc/fixfixes.c index 35dfc361..0aa2cd7 100644 --- a/gcc/fixinc/fixfixes.c +++ b/gcc/fixinc/fixfixes.c @@ -296,7 +296,7 @@ FIX_PROC_HEAD( char_macro_use_fix ) #endif ; - char zPat[ sizeof( zPatFmt ) + 32 ]; + char *pz_pat; static regex_t re; @@ -309,13 +309,15 @@ FIX_PROC_HEAD( char_macro_use_fix ) exit(3); } - if (sprintf( zPat, zPatFmt, p_fixd->patch_args[1] ) >= sizeof( zPat )) + asprintf (&pz_pat, zPatFmt, p_fixd->patch_args[1]); + if (!pz_pat) { - fprintf( stderr, "Oversize format: %s\n", zPat ); + fprintf( stderr, "Virtual memory exhausted\n" ); exit(3); } - compile_re (zPat, &re, 2, "macro pattern", "char_macro_use_fix"); + compile_re (pz_pat, &re, 2, "macro pattern", "char_macro_use_fix"); + free (pz_pat); while (regexec (&re, text, 3, rm, 0) == 0) { @@ -378,7 +380,7 @@ FIX_PROC_HEAD( char_macro_def_fix ) #endif ; - char zPat[ sizeof( zPatFmt ) + 32 ]; + char *pz_pat; static regex_t re; @@ -393,20 +395,23 @@ FIX_PROC_HEAD( char_macro_def_fix ) exit(3); } - if (sprintf( zPat, zPatFmt, p_fixd->patch_args[1] ) >= sizeof( zPat )) + asprintf (&pz_pat, zPatFmt, p_fixd->patch_args[1]); + if (!pz_pat) { - fprintf( stderr, "Oversize format: %s\n", zPat ); + fprintf (stderr, "Virtual memory exhausted\n"); exit(3); } - compile_re (zPat, &re, 1, "macro pattern", "char_macro_def_fix"); + compile_re (pz_pat, &re, 1, "macro pattern", "char_macro_def_fix"); if ((rerr = regexec (&re, text, 3, rm, 0)) != 0) { - fprintf( stderr, "Match error %d:\n%s\n", rerr, zPat ); + fprintf( stderr, "Match error %d:\n%s\n", rerr, pz_pat ); exit(3); } + free (pz_pat); + while ((rerr = regexec (&re, text, 3, rm, 0)) == 0) { const char* pz = text + rm[2].rm_so; |