+Sai
On 4/13/2020 2:43 AM, David Binderman wrote:
Hello there,
Source code is
while (fgets(temp, 1024, fp)) {
but
char *token_array[8], temp[512];
Use of compiler flag -D_FORTIFY_SOURCE=2 would have found the problem. For example:
# include <stdio.h>
extern void g( int);
void f( FILE * fp) { char buf[ 100];
while (fgets( buf, 200, fp) != 0) { g( 1); } }
gives
$ /home/dcb/gcc/results/bin/gcc -c -g -O2 -D_FORTIFY_SOURCE=2 apr13c.cc
In file included from /usr/include/stdio.h:867,
                 from apr13c.cc:2:
In function ‘char* fgets(char*, int, FILE*)’,
    inlined from ‘void f(FILE*)’ at apr13c.cc:11:14:
/usr/include/bits/stdio2.h:263:26: warning: call to ‘__fgets_chk_warn’ declared with attribute warning: fgets called with bigger size than length of destination buffer [-Wattribute-warning]
I suggest switching on compiler flag -D_FORTIFY_SOURCE=2 in all development builds.
Thank you very much for catching this David.
Sai: could you include this fix in your upcoming series of fixes? Using the pattern of "fgets(buf, sizeof(buf), ...)" instead of hard coding the size should be helpful here.
Reinette
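
An added example, not part of the original thread or of the code under discussion: the "fgets(buf, sizeof(buf), ...)" pattern suggested above, with the over-long-line case it then has to handle. The names read_lines, line_stats and demo and the sample input are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

struct line_stats {
    int complete;   /* lines whose content fit in temp */
    int truncated;  /* lines longer than temp; remainder discarded */
};

/* Hypothetical reader: the size passed to fgets is derived from the
 * buffer itself, so it cannot drift from the declaration. */
static struct line_stats read_lines(FILE *fp)
{
    char temp[512];                 /* same size as in the report */
    struct line_stats st = {0, 0};

    while (fgets(temp, sizeof(temp), fp)) {
        size_t len = strlen(temp);
        int c, extra = 0;

        if (len > 0 && temp[len - 1] == '\n') {
            st.complete++;
            continue;
        }
        /* No newline stored: either EOF or the line did not fit.
         * Drain the rest so the next fgets starts on a fresh line. */
        while ((c = fgetc(fp)) != EOF && c != '\n')
            extra++;
        if (extra)
            st.truncated++;
        else
            st.complete++;
    }
    return st;
}

/* Constructed input: short line, 1000-byte line, unterminated last line. */
static struct line_stats demo(void)
{
    struct line_stats st = {-1, -1};
    FILE *fp = tmpfile();
    if (!fp)
        return st;
    fputs("a b c\n", fp);
    for (int i = 0; i < 1000; i++)
        fputc('A', fp);
    fputs("\nd e f", fp);
    rewind(fp);
    st = read_lines(fp);
    fclose(fp);
    return st;
}
```

With the hard-coded 1024 from the report, the 1000-byte line would be written past the end of temp; with sizeof(temp) it is read in a bounded chunk and reported as truncated.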