aboutsummaryrefslogtreecommitdiff
path: root/packages/patches/strtokcpy-0.41.0-test10.patch
AgeCommit message (Collapse)Author
2008-01-10(add patch from issue #1852385)Russell Bryant
This patch provides a revised implementation of the strtokcpy() function in s_path.c. It provides the following benefits: 1) Prevent potential overflow of a stack buffer. This function did nothing to ensure that it didn't write past the end of the destination buffer. It is possible to cause this to happen by providing certain command line arguments that are longer than MAXPDSTRING. Also, there may be other ways to trigger this bug if namelist_append_files() is used anywhere beyond the uses I reviewed, which are the ones in pd/*.c. 2) Copy bytes from the string in the same loop that looks for the delimiter. This is simply for efficiency in that the string only has to be traversed once, instead of twice (one to find the delimiter, and the second to copy up to it). svn path=/trunk/; revision=9143