[Lldb-commits] [lldb] r235991 - Replace sprintf with snprintf to avoid a crash.
Ilia K
ki.stfu at gmail.com
Tue Apr 28 07:26:01 PDT 2015
Hello Abid,
I thought it never can happen because cUnescapedChar is less than 255 and
"\\x%02hhu" prints something like \x12. Am I wrong?
Thanks,
Ilia
On Tue, Apr 28, 2015 at 5:16 PM, Hafiz Abid Qadeer <hafiz_abid at mentor.com>
wrote:
> Author: abidh
> Date: Tue Apr 28 09:16:00 2015
> New Revision: 235991
>
> URL: http://llvm.org/viewvc/llvm-project?rev=235991&view=rev
> Log:
> Replace sprintf with snprintf to avoid a crash.
> During testing -data-list-register-values, I saw a crash here due to
> buffer overflow.
> This commit should fix the crash. There is still problem with printing
> 1-byte register
> in some cases that I will fix separately.
>
> No regression on MI test cases.
>
>
> Modified:
> lldb/trunk/tools/lldb-mi/MIUtilString.cpp
>
> Modified: lldb/trunk/tools/lldb-mi/MIUtilString.cpp
> URL:
> http://llvm.org/viewvc/llvm-project/lldb/trunk/tools/lldb-mi/MIUtilString.cpp?rev=235991&r1=235990&r2=235991&view=diff
>
> ==============================================================================
> --- lldb/trunk/tools/lldb-mi/MIUtilString.cpp (original)
> +++ lldb/trunk/tools/lldb-mi/MIUtilString.cpp Tue Apr 28 09:16:00 2015
> @@ -17,6 +17,7 @@
>
> // In-house headers:
> #include "MIUtilString.h"
> +#include "Platform.h"
>
> //++
> ------------------------------------------------------------------------------------
> // Details: CMIUtilString constructor.
> @@ -844,8 +845,9 @@ CMIUtilString::Escape(const bool vbEscap
> strNew.push_back(cUnescapedChar);
> else
> {
> - char strEscapedChar[sizeof("\\xXX")];
> - ::sprintf(strEscapedChar, "\\x%02" PRIx8,
> cUnescapedChar);
> + const size_t size = sizeof("\\xXX");
> + char strEscapedChar[size];
> + ::snprintf(strEscapedChar, size, "\\x%02" PRIx8,
> cUnescapedChar);
> strNew.append(strEscapedChar);
> }
> break;
>
>
> _______________________________________________
> lldb-commits mailing list
> lldb-commits at cs.uiuc.edu
> http://lists.cs.uiuc.edu/mailman/listinfo/lldb-commits
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/lldb-commits/attachments/20150428/6c4d7da2/attachment.html>
More information about the lldb-commits
mailing list