empty / Bugs / #7 Potential overflow in watch4str

#7 Potential overflow in watch4str

Milestone: v1.0 (example)

Status: closed

Owner: nobody

Labels: None

Priority: 5

Updated: 2023-01-01

Created: 2010-06-15

Creator: Anonymous

Private: No

In watch4str the read(ifd, buf + largv, sizeof(buf) - largv); and then buf[cc + largv] = '\0'; could potentially put "\0" out of the buf overwriting then next variable when largv=0 and exactly cc==sizeof(buf) bytes are red. At least in theory.
It does not happen on my systems because it seems that read() get chanks of not more than 4096 bytes (PIPE_BUF ?) while BUFSZ is 8192.

Discussion

mezantrop - 2023-01-01

status: open --> accepted

Group: --> v1.0 (example)
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

mezantrop - 2023-01-01

I'm sorry for the lifelong timeout. Will fix, probably like: cc = read(ifd, buf + largv, sizeof(buf) - largv - 1)

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

mezantrop - 2023-01-01

I'm sorry for the lifelong timeout. Will fix, probably like: cc = read(ifd, buf + largv, sizeof(buf) - largv - 1)

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

mezantrop - 2023-01-01

Will fix with the solution by Sergey Mironov in the bug report #6

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

mezantrop - 2023-01-01

status: accepted --> closed
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Potential overflow in watch4str

Run applications under pseudo-terminal (PTY) sessions

Group

Searches

Help

#7 Potential overflow in watch4str

Discussion