GNU bug report logs -
#7213
[PATCH] sort: fix buffer overrun on 32-bit hosts when warning re obsolete keys
Previous Next
Reported by: Paul Eggert <eggert <at> cs.ucla.edu>
Date: Thu, 14 Oct 2010 07:10:03 UTC
Severity: normal
Tags: patch
Done: Jim Meyering <jim <at> meyering.net>
Bug is archived. No further changes may be made.
Full log
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
* src/sort.c (key_warnings): Local buffer should be of size
INT_BUFSIZE_BOUND (uintmax_t), not INT_BUFSIZE_BOUND (sword).
This bug was discovered by running 'make check' on a 32-bit
Solaris 8 sparc host, using Sun cc. I saw several other instances
of invoking umaxtostr on a buffer declared to be of size
INT_BUFSIZE_BOUND (VAR), and these instances should at some point
be replaced by INT_BUFSIZE_BOUND (uintmax_t) too, as that's a
less error-prone style.
---
src/sort.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/src/sort.c b/src/sort.c
index c155eda..7e25f6a 100644
--- a/src/sort.c
+++ b/src/sort.c
@@ -2320,7 +2320,7 @@ key_warnings (struct keyfield const *gkey, bool gkey_only)
{
size_t sword = key->sword;
size_t eword = key->eword;
- char tmp[INT_BUFSIZE_BOUND (sword)];
+ char tmp[INT_BUFSIZE_BOUND (uintmax_t)];
/* obsolescent syntax +A.x -B.y is equivalent to:
-k A+1.x+1,B.y (when y = 0)
-k A+1.x+1,B+1.y (when y > 0) */
--
1.7.2
This bug report was last modified 14 years and 277 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.