Mailinglist Archive: opensuse-packaging (249 mails)

[Richard Guenther <rguenther@xxxxxxx>]

On Mon, 22 Nov 2010, Cristian Morales Vega wrote:

> 2010/11/22 Cristian Rodríguez <crrodriguez@xxxxxxxxxxxx>:
> > El 21/11/10 11:34, Sebastian Siebert escribió:
> >
> > > I would be glad if someone can look into the source code.
> >
> > I sent submit request #53627 to your project with a possible workaround,
> > but.. if it messes stuff up, dont look at me ! it wasnt me! :P
> >
> > The code is fundamentally, crazy.
>
> I would not really touch it. The code is "good"*, there is no real
> overflows since there are 21 bytes of space at destination and the
> biggest offender is 5 bytes. The code comments make clear they know
> they were doing it... but it fails to explain why it was done that
> way, But I expect them to have a good cause. Hey, they are playing
> with functions pointer in that part of the code...
>
> The funny thing is that gcc is only complaining about the STRCPYs that
> have this comment before:
>
>       /* Set l:self to "selfdict".  Use "name" to avoid a warning from
>        * some compiler that checks the destination size. */
>
> It seems that with
>       name = v->di_key;
>       STRCPY(name, "self");
> gcc fails to see the extra space, but with
>       STRCPY(v->di_key, "self");
> the warning would dissapear (I didn't test).
>
> Apparently those changes were made because of the crash reported in
> the vim_dev mail Sebastian linked before. So...
> IMHO your "#ifdef _FORTIFY_SOURCE" fix would be the better.

Another workaround is to use memcpy, not strcpy.  For strcpy and
_FORTIFY_SOURCE=2 GCC assumes stricter handling (eventually just
the trailing '\0' byte overflows the buffer and they do not care
about it anyways).

Richard.