Hi, On Tue, Nov 05, 2024 at 11:58:19AM -0500, Serhei Makarov wrote: > On Tue, Nov 5, 2024, at 9:25 AM, Anton Moryakov wrote: > > Record Length Limit: We use strncat to add a line indicating the > > available remaining_size. This prevents writing beyond the allocated > > memory. > > Remaining space update: remaining_size is updated after each entry to > > ensure that row additions do not cause overflow. > > It looks to me like the maximum possible length of the concatenated > strings (from a hardcoded array a few lines prior to the patch) and > the length of the buffer are both statically known, and thus it's > not actually possible for the code to overflow the buffer. This is > an interesting test case for developing a static analyzer, but not > an actual bug.
Or add a static_assert based on that knowledge as we discussed before when this "RASU JSC" issue came up: https://inbox.sourceware.org/elfutils-devel/20240702114611.ge29...@gnu.wildebeest.org/T Cheers, Mark
