zsh-workers
From: Peter Stephenson <p.stephenson@samsung.com>
To: zsh-workers@zsh.org
Subject: Re: PATCH: utils.c: Fix use of uninitialized memory in metafy().
Date: Wed, 27 Nov 2013 18:07:19 +0000
Message-ID: <20131127180719.1ad6acf0@pwslap01u.europe.root.pri>
In-Reply-To: <bb4a5a0bb37e036855648e28ad8c663c0e0763e7.1385573927.git.simon@ruderich.org>

On Wed, 27 Nov 2013 18:45:16 +0100
Simon Ruderich <simon@ruderich.org> wrote:
> While running the tests with valgrind I noticed a use of
> uninitialized memory in metafy().
>
> The following patch should fix it, but I don't know the details
> of this code, so please check it before applying the patch.
> 
> The problem is the *e != '\0' in the next if, once e == buf +
> len, *e points after buf.

Hmm... I think the intention probably *is* to check if there's null
termination at "buf + len", on the assumption that the first "len" bytes
need metafying regardless.  So if we've got only len valid bytes, not
null-terminated (or null-terminated by accident because the next byte
that isn't actually valid for the allocation happens to be null), we've
got no way of knowing this given the current interface.  That's not
actually stated explicitly but the comment above does mention len+1
for copying, implying len doesn't include the termination.

It looks like either we've got to improve the interface, which is a lot
of work, or always copy when we're given a length, which is inefficient.
I'd be tempted to do the latter for now.

pws
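
The trade-off discussed in this message, as an added C sketch that is not part of the original email and is not zsh's metafy(): with an explicit length, the only way to avoid reading `buf[len]` is to always copy. The names `escape()` and `escape_copy()`, the escape byte 0x83 with XOR-32 encoding, and the "negative length means NUL-terminated" convention are assumptions of this sketch.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define ESC 0x83 /* assumed escape byte for this sketch */
/* Assumed rule: NUL and the escape byte itself must be escaped. */
static int needs_esc(unsigned char c) { return c == 0 || c == ESC; }

/* Escape exactly len bytes into a fresh NUL-terminated heap string.
 * Never reads buf[len], so exactly len valid bytes are enough. */
char *escape_copy(const char *buf, size_t len)
{
    size_t extra = 0, i;
    char *out, *p;
    for (i = 0; i < len; i++)
        extra += needs_esc((unsigned char)buf[i]);
    if (!(out = malloc(len + extra + 1)))
        return NULL;
    for (p = out, i = 0; i < len; i++) {
        unsigned char c = (unsigned char)buf[i];
        if (needs_esc(c)) {
            *p++ = (char)ESC;
            *p++ = (char)(c ^ 32);
        } else
            *p++ = (char)c;
    }
    *p = '\0';
    return out;
}

/* len < 0: buf is NUL-terminated (assumed convention), so returning it
 * unchanged is safe when nothing needs escaping. With an explicit len,
 * "is it already terminated?" would mean reading buf[len], which may lie
 * outside the caller's allocation, so always copy instead. */
char *escape(char *buf, long len)
{
    if (len >= 0)
        return escape_copy(buf, (size_t)len);
    return strchr(buf, (char)ESC) ? escape_copy(buf, strlen(buf)) : buf;
}

int main(void)
{
    char raw[3] = { 'a', '\0', 'b' }; /* constructed: 3 bytes, no terminator */
    char *r = escape(raw, 3);
    printf("copied=%d len=%zu\n", r != raw, r ? strlen(r) : 0);
    free(r);
    return 0;
}
```

Building this with a memory checker such as valgrind or AddressSanitizer and passing a buffer of exactly `len` bytes exercises the case the thread is about.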

