[pacman-dev] [PATCH] package.c, fix incorrect buffersize
Allan McRae
allan at archlinux.org
Mon Nov 2 04:20:22 UTC 2015
On 01/11/15 23:09, Pierre Neidhardt wrote:
> On 15-11-01 07:09:30, Dave Reisner wrote:
>> On Sun, Nov 01, 2015 at 01:32:59AM +0100, Rikard Falkeborn wrote:
>>> Correct title_suffix_len to be the actual number of elements in
>>> the string (including the NUL-terminator) instead of the size
>>> of a pointer.
>>>
>>> Note that wmemcpy blindly copies the number of wide characters it is told
>>> to copy (no check for NUL-terminating character), so this previously copied
>>> data outside of title_suffix.
>>>
>>> Signed-off-by: Rikard Falkeborn <rikard.falkeborn at gmail.com>
>>> ---
>>
>> Just a thought -- instead of dealing with calculating fixed sized
>> buffers, why don't we just calculate the max width needed, and then use
>> printf to do the actual formatting? It prevents two whole classes of
>> problems: buffer overflows and potential string truncation.
>>
>> The patch is somewhat insidious as it requires modifying list_display,
>> string_display, etc., but I've already got a mostly working POC already.
>
> I like it. More insidious, but I think the pros overweight the cons.
> Besides it would make alignment straighforward to add to other places if need
> be in the future.
>
> Just in case, you'll need to use wprintf on every print where alignment is
> needed.
>
Can I get a patch with just the fix to this issue (i.e. what Pierre sent
in an earlier email)? Any change to using (w)printf can occur on top of
that.
Thanks,
Allan
More information about the pacman-dev
mailing list