danielmarjamaki created this revision.
danielmarjamaki added a subscriber: cfe-commits.
danielmarjamaki set the repository for this revision to rL LLVM.
This little patch fixes possible array index out of bounds:
[tools/clang/lib/Driver/MSVCToolChain.cpp:147]: (error) Array 'partialKey[256]'
accessed at index 256, which is out of bounds
There is a slight change in behaviour now. If partialKey is filled with data
then partialData[255] is zeroed instead of partialData[256]. I thought about
making partialData one byte bigger so partialData[256]='\0' would be ok but I
_think_ that it is 256 elements by intention.
Repository:
rL LLVM
http://reviews.llvm.org/D16582
Files:
lib/Driver/MSVCToolChain.cpp
Index: lib/Driver/MSVCToolChain.cpp
===================================================================
--- lib/Driver/MSVCToolChain.cpp
+++ lib/Driver/MSVCToolChain.cpp
@@ -141,8 +141,8 @@
nextKey++;
size_t partialKeyLength = keyEnd - keyPath;
char partialKey[256];
- if (partialKeyLength > sizeof(partialKey))
- partialKeyLength = sizeof(partialKey);
+ if (partialKeyLength >= sizeof(partialKey))
+ partialKeyLength = sizeof(partialKey) - 1;
strncpy(partialKey, keyPath, partialKeyLength);
partialKey[partialKeyLength] = '\0';
HKEY hTopKey = NULL;
Index: lib/Driver/MSVCToolChain.cpp
===================================================================
--- lib/Driver/MSVCToolChain.cpp
+++ lib/Driver/MSVCToolChain.cpp
@@ -141,8 +141,8 @@
nextKey++;
size_t partialKeyLength = keyEnd - keyPath;
char partialKey[256];
- if (partialKeyLength > sizeof(partialKey))
- partialKeyLength = sizeof(partialKey);
+ if (partialKeyLength >= sizeof(partialKey))
+ partialKeyLength = sizeof(partialKey) - 1;
strncpy(partialKey, keyPath, partialKeyLength);
partialKey[partialKeyLength] = '\0';
HKEY hTopKey = NULL;
_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
