Re: _FORTIFY_SOURCE and strncat(), buggy?
Re: _FORTIFY_SOURCE and strncat(), buggy?
- Subject: Re: _FORTIFY_SOURCE and strncat(), buggy?
- From: Eric Slosser <email@hidden>
- Date: Fri, 25 Jul 2008 14:12:51 -0400
One possibility is that the macros are messed up. When the call to strncat becomes
((__builtin_object_size (buffer, 0) != (size_t) -1) ? __builtin___strcat_chk (buffer, "test", __builtin_object_size (buffer, 2 > 1)) : __inline_strncat_chk (buffer, "test", (size-1)));
So it's obvious that the macro doesn't want to call the built-in version when __bos() is -1. But the implementation of __inline_strncat_chk() does exactly that.
Tangent: I'm puzzled by the fact that the 2nd parameter to __bos() is computed as a bool, it's used as a bitfield. Maybe those "2 > 1" are supposed to be "2+1"?
Another possibility is that there's a bug in the implementation of __strncat_chk in Leopard's c-runtime when the first parameter is a string of zero length, and the fourth parameter is -1, then it calls abort.
The good news is that you can provide your own version, I found one on Apple's open source CVS server at gcc/libssp/stncat-chk.c. Just put that in your app and it'll get called (and won't abort on the case you mention).
|
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Xcode-users mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden