Menu
▾
▴
[Valgrind-developers] VALGRIND_2_0_REALLY: valgrind/memcheck
|
From: Julian S. <js...@ac...> - 2003-11-03 14:45:01
|
CVS commit by jseward:
Merge revs
mac_replace_strmem.c 1.5
tests/overlap.c 1.3
Fixed bug in overlap check in strncpy() -- it was assuming the src was 'n'
bytes longs, when it could be shorter, which could cause false positives.
Added an example of this to the regtest.
M +6 -4 mac_replace_strmem.c 1.3.2.1
M +9 -0 tests/overlap.c 1.2.2.1
--- valgrind/memcheck/mac_replace_strmem.c #1.3:1.3.2.1
@@ -187,11 +187,13 @@ char* strcpy ( char* dst, const char* sr
char* strncpy ( char* dst, const char* src, int n )
{
+ const Char* src_orig = src;
Char* dst_orig = dst;
Int m = 0;
- if (is_overlap(dst, src, n, n))
- complain3("strncpy", dst, src, n);
-
while (m < n && *src) { m++; *dst++ = *src++; }
+ /* Check for overlap after copying; all n bytes of dst are relevant,
+ but only m+1 bytes of src if terminator was found */
+ if (is_overlap(dst_orig, src_orig, n, (m < n) ? m+1 : n))
+ complain3("strncpy", dst, src, n);
while (m++ < n) *dst++ = 0; /* must pad remainder with nulls */
--- valgrind/memcheck/tests/overlap.c #1.2:1.2.2.1
@@ -113,4 +113,13 @@ int main(void)
strncat(a, a+20, 21);
+ /* This is ok, but once gave a warning when strncpy() was wrong,
+ and used 'n' for the length, even when the src was shorter than 'n' */
+ {
+ char dest[64];
+ char src [16];
+ strcpy( src, "short" );
+ strncpy( dest, src, 20 );
+ }
+
return 0;
}
|
