[bug #29253] Memory corruption error when backslash line continuation used in function call

[anonymous]

URL:
  <http://savannah.gnu.org/bugs/?29253>

                 Summary: Memory corruption error when backslash line
continuation used in function call
                 Project: make
            Submitted by: None
            Submitted on: Thu 18 Mar 2010 08:26:54 AM UTC
                Severity: 3 - Normal
              Item Group: Bug
                  Status: None
                 Privacy: Public
             Assigned to: None
             Open/Closed: Open
         Discussion Lock: Any
       Component Version: 3.81
        Operating System: Any
           Fixed Release: None
           Triage Status: None

    _______________________________________________________

Details:

I ran into some weird behaviour, and with the help of valgrind, tracked it to
a misuse of strcpy in the code which elides backslash-newline sequences inside
function calls.

The problem is that strcpy explicitly does not support being called with a
source and destination that overlap, but make does this. This didn't cause a
problem for me on Linux i386, but corrupted the command string on Linux amd64
for me. I suspect that libc is able to use a wider block-at-a-time primitive
to implement strcpy on amd64 than i386.

The fix is simple, just convert the strcpy call to a bcopy call:
--- make-dfsg-3.81.orig/job.c
+++ make-dfsg-3.81/job.c
@@ -1594,7 +1594,7 @@
       /* There are no more references in this line to worry about.
         Copy the remaining uninteresting text to the output.  */
       if (out != in)
-       strcpy (out, in);
+       bcopy (in, out, strlen (in) + 1);
 
       /* Finally, expand the line.  */
       lines[i] = allocated_variable_expand_for_file
(cmds->command_lines[i],





    _______________________________________________________

Reply to this item at:

  <http://savannah.gnu.org/bugs/?29253>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.gnu.org/