libtool
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

BUG in ltdl.c - here's a PATCH


From: Lutz Müller
Subject: BUG in ltdl.c - here's a PATCH
Date: 14 Jun 2002 12:36:49 +0200

Hi!

I finally found the bug in ltdl.c that makes libltdl unusable for
gphoto2 (http://www.gphoto.org). Here's the patch:

--- /usr/share/libtool/libltdl/ltdl.c   Wed Jan  9 20:26:41 2002
+++ ltdl.c      Fri Jun 14 12:22:53 2002
@@ -2192,21 +2192,21 @@ foreach_dirinpath (search_path, base_nam
 
        if (lendir +1 +lenbase >= filenamesize)
        {
          LT_DLFREE (filename);
          filenamesize  = lendir +1 +lenbase +1; /* "/d" + '/' + "f" + '\0' */
          filename      = LT_EMALLOC (char, filenamesize);
          if (!filename)
            goto cleanup;
        }
 
-       strncpy (filename, dir_name, lendir);
+       strncpy (filename, dir_name, lendir + 1);
        if (base_name && *base_name)
          {
            if (filename[lendir -1] != '/')
              filename[lendir++] = '/';
            strcpy (filename +lendir, base_name);
          }
 
        if ((result = (*func) (filename, data1, data2)))
          {
            break;


The problem is that the first time 'filename' is allocated, it seems to
be zero'ed out. However, this isn't the case if 'filename' gets freed
and allocated a second time. Don't ask me why - if you think, LT_EMALLOC
should zero out the allocated bytes, the bug is located deeper in there.
Anyways, it won't hurt to copy the string _including_ the terminating
'\0'.

Is there any chance to get this into future versions of libtool,
especially libtool-1.4.x?

Thank you very much for any feedback!

Lutz Müller
-- 
+----------------------------------------------+
| Lutz Müller                 +49 (7156) 34837 |
|                                              |
| Hans-Sachs-Strasse 5                         |
| 71254 Ditzingen       http://www.topfrose.de |
| Germany           address@hidden |
+----------------------------------------------+




reply via email to

[Prev in Thread] Current Thread [Next in Thread]