
Buffer overflow on string allocation

Open vbuaraujo opened this issue 2 years ago • 2 comments

Hi!

There are many places (e.g. here) where the code copies a string by computing strlen() of a string, mallocs that size, and copies the contents with strcpy. However, this does not account for the size of the \0 at the end of the string. The code should malloc one more than the string length.

Since this is a recurring operation, it would probably be best to write a dedicated function to allocate and copy a string, to use wherever needed. On Unix, there is strdup(), but if you want to keep the code more portable, you can easily make a small function to do that.

vbuaraujo · Sep 08 '22 15:09
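The two patterns described in the comment above, written out as an added example (this is illustrative code, not code from kamby or from the issue author). The buggy version reproduces the reported off-by-one: `malloc(strlen(src))` reserves no room for the terminator that `strcpy` writes. The helper names `string_dup` and `string_dup_n` are assumed here; the bounded variant goes beyond the comment and shows the same rule applied when only a prefix of a larger buffer is copied.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* The pattern reported in the issue: the block is strlen(src) bytes, but
 * strcpy() writes strlen(src) + 1 bytes (it copies the '\0' as well), so
 * the terminator lands one byte past the end of the heap allocation.
 * Kept only to show the defect; never call it. */
char *copy_string_buggy(const char *src) {
    char *dst = malloc(strlen(src));   /* missing the +1 for '\0' */
    if (dst == NULL) return NULL;
    strcpy(dst, src);                  /* one-byte heap overflow */
    return dst;
}

/* Portable strdup() replacement (hypothetical name, not from kamby).
 * Allocates len + 1 bytes and copies exactly that many, terminator
 * included, so no second scan of the string is needed. */
char *string_dup(const char *src) {
    size_t len = strlen(src);
    char *dst = malloc(len + 1);
    if (dst == NULL) return NULL;
    memcpy(dst, src, len + 1);
    return dst;
}

/* Bounded variant for copying at most n bytes of src (e.g. one token
 * inside a larger buffer). The length loop stands in for strnlen(),
 * which is POSIX rather than ISO C. The terminator is always written
 * into space reserved for it. */
char *string_dup_n(const char *src, size_t n) {
    size_t len = 0;
    while (len < n && src[len] != '\0') len++;
    char *dst = malloc(len + 1);
    if (dst == NULL) return NULL;
    memcpy(dst, src, len);
    dst[len] = '\0';
    return dst;
}

int main(void) {
    /* Constructed inputs for demonstration. */
    char *whole = string_dup("kamby");
    char *token = string_dup_n("(print hello)", 6);
    if (whole == NULL || token == NULL) return 1;
    printf("%s / %s\n", whole, token);   /* kamby / (print */
    free(whole);
    free(token);
    return 0;
}
```

Running the program under valgrind or with `-fsanitize=address` shows the difference directly: `copy_string_buggy` is flagged as a one-byte heap write past the end of the block, while the `string_dup` variants are clean.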

Recommendation for Henrique: run your program through valgrind. You will get hundreds of warnings, and crashes also (in Linux anyhow).

wboeke · Sep 09 '22 12:09

Thank you for the tips. I ran valgrind and improved some issues. Needs more work, but the specific "string overflow" must have been fixed.

henriquegogo · Sep 13 '22 20:09