[PATCH] D41270: Fix buffer overrun in WindowsResourceCOFFWriter::writeSymbolTable()
Rui Ueyama via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Mon Dec 18 13:25:15 PST 2017
ruiu added inline comments.
================
Comment at: llvm/lib/Object/WindowsResource.cpp:566
Symbol = reinterpret_cast<coff_symbol16 *>(BufferStart + CurrentOffset);
- strncpy(Symbol->Name.ShortName, RelocationName, (size_t)COFF::NameSize);
+ memcpy(Symbol->Name.ShortName, RelocationName.data(), (size_t) COFF::NameSize);
Symbol->Value = DataOffsets[i];
----------------
I don't know much about the format string of the formatv function, but is RelocationName guaranteed to be COFF:NameSize byte long? If not, this memcpy overruns a given buffer.
I think snprintf is much better. People are familiar with that, and that's exactly what you want to do here (format a string while not overrunning a given string buffer).
https://reviews.llvm.org/D41270
More information about the llvm-commits
mailing list