bug-make
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Some potential bugs in make-3.82


From: Norbert Thiebaud
Subject: Re: Some potential bugs in make-3.82
Date: Tue, 7 May 2013 22:48:05 -0500

On Tue, May 7, 2013 at 10:24 PM, Zhenbo Xu <address@hidden> wrote:
> 2. Out of bound
> file: function.c
> function: func_sort
> At line 1150: words = xmalloc (wordi * sizeof (char *));
> The value of wordi may be 1.
>
> At line 1171: if (i == wordi - 1 || strlen (words[i + 1]) != len
> words[i + 1] may cause overflow.

no because i < wordi - 1 ( i < wordi because of the for() condition,
and if i == wordi - 1 then the || evaluation is shortcut-ed by i ==
wordi - 1, hence strlen() is not evaluated)

also note that the wordi in the alloc is a 1-based index whereas the
wordi in the for loop is  a 0-based index



reply via email to

[Prev in Thread] Current Thread [Next in Thread]