On 28 Jan 17:15, Jakub Jelinek wrote: > On Wed, Jan 28, 2015 at 07:02:59PM +0300, Ilya Verbin wrote: > > + = XNEWVEC (char, len + sizeof ("-B" "../" DEFAULT_TARGET_MACHINE > > + "/libgomp/")); > > + sprintf (optional_target_path2, "-B%s/../../../" > > DEFAULT_TARGET_MACHINE > > + "/libgomp/", current_path); > > This will surely overflow the buffer, won't it? There is space just for > "../" but you put there "/../../../". > > I'd strongly prefer if you rewrote all these XNEWVEC or XRESIZEVEC etc. > + sprintf cases into concat, like > optional_target_path2 = concat ("-B", current_path, > "/../../../" DEFAULT_TARGET_MACHINE > "/libgomp/", NULL); > and similar. That way you avoid all such bugs.
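Review bot: the size expression passed to XNEWVEC spells out different literals ("-B" "../" DEFAULT_TARGET_MACHINE "/libgomp/") from the ones the sprintf format actually writes ("-B%s/../../../" DEFAULT_TARGET_MACHINE "/libgomp/"), so whether the buffer is large enough depends entirely on how `len` was computed, and that is not visible in these lines. sprintf does no bounds checking, so a later change to one literal without the matching change to the other overruns the allocated buffer silently. Building the string with concat ("-B", current_path, "/../../../" DEFAULT_TARGET_MACHINE "/libgomp/", NULL), as proposed in the reply, removes the separate size computation altogether; if the manual allocation stays, derive the size from the same literals the format string uses and add a comment stating what `len` already includes.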
The variable 'len' contains sizeof ("/../../").
I agree that this code looks ugly :) I'll rewrite it using concat.

-- Ilya