avoid a few strncpy-induced buffer overruns

* procfs.c (procfs_make_note_section): Be sure to NUL-terminate
fname and psargs before trying to concatenate.
* tui/tui-stack.c (tui_get_function_from_frame): NUL-terminate
"name" before applying strchr.

3 files changed, 12 insertions, 2 deletions

diff --git a/gdb/ChangeLog b/gdb/ChangeLog
index 8babaaa..43d590f 100644
--- a/gdb/ChangeLog
+++ b/gdb/ChangeLog
@@ -1,3 +1,11 @@
+2012-04-24  Jim Meyering  <meyering@redhat.com>
+
+	avoid a few strncpy-induced buffer overruns
+	* procfs.c (procfs_make_note_section): Be sure to NUL-terminate
+	fname and psargs before trying to concatenate.
+	* tui/tui-stack.c (tui_get_function_from_frame): NUL-terminate
+	"name" before applying strchr.
+
 2012-04-25  Siva Chandra Reddy  <sivachandra@google.com>
 
 	* CONTRIBUTE: Use unified diff instead of context diff when
diff --git a/gdb/procfs.c b/gdb/procfs.c
index cb4bc7c..d7c2946 100644
--- a/gdb/procfs.c
+++ b/gdb/procfs.c
@@ -5725,8 +5725,9 @@ procfs_make_note_section (bfd *obfd, int *note_size)
   if (get_exec_file (0))
     {
       strncpy (fname, lbasename (get_exec_file (0)), sizeof (fname));
-      strncpy (psargs, get_exec_file (0),
-	       sizeof (psargs));
+      fname[sizeof (fname) - 1] = 0;
+      strncpy (psargs, get_exec_file (0), sizeof (psargs));
+      psargs[sizeof (psargs) - 1] = 0;
 
       inf_args = get_inferior_args ();
       if (inf_args && *inf_args &&
diff --git a/gdb/tui/tui-stack.c b/gdb/tui/tui-stack.c
index ef50a98..262a6bf 100644
--- a/gdb/tui/tui-stack.c
+++ b/gdb/tui/tui-stack.c
@@ -228,6 +228,7 @@ tui_get_function_from_frame (struct frame_info *fi)
   if (*p == '<')
     p++;
   strncpy (name, p, sizeof (name) - 1);
+  name[sizeof (name) - 1] = 0;
   p = strchr (name, '(');
   if (!p)
     p = strchr (name, '>');