Sascha 'saigkill' Manns wrote:
I: Statement might be overflowing a buffer in strncat. Common mistake: BAD: strncat(buffer,charptr,sizeof(buffer)) is wrong, it takes the left over size as 3rd argument GOOD: strncat(buffer,charptr,sizeof(buffer)-strlen(buffer)-1) E: fcron bufferoverflowstrncat socket.c:297 [...] strncat(fields, FIELD_STR, sizeof(fields) - len); \
strncat has a braindead api. In the worst case it adds one byte more than the specified length. So for example if FIELD_STR == sizeof(fields) and len == 0 it would overflow the buffer by one zero byte. Add a -1 to the calculation. cu Ludwig -- (o_ Ludwig Nussel //\ V_/_ http://www.suse.de/ SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg) -- To unsubscribe, e-mail: opensuse-packaging+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-packaging+help@opensuse.org