> As mentioned in the PR, strncat does something different from what the
> code expects (the last argument is the maximum number of characters
> to be copied, rather than maximum number of characters in the destination
> buffer).  As for the (highly unlikely, because d->d_name really should be
> the pid numbers plus a couple of extra dirnames) case of truncated name
> trying to open such truncated filename wouldn't work anyway, this
> patch just skips it altogether if there would be overflow.
> GCC strlen pass should be able to optimize all the 3 calls into memcpy,
> using strlen value from the earlier strlen call.
> 
> Bootstrapped/regtested on x86_64-linux and i686-linux, ok for trunk?
> 
> 2017-02-01  Jakub Jelinek  <ja...@redhat.com>
> 
>       PR ada/79309
>       * adaint.c (__gnat_killprocesstree): Don't clear statfile
>       before overwriting it.  If d->d_name is too long, skip trying
>       to construct the filename and open it.  Use strcpy/strcat
>       instead of strncpy/strncat.

Sorry, I installed the fix in the meantime and our messages crossed.

> --- gcc/ada/adaint.c.jj       2017-01-12 22:28:59.293871830 +0100
> +++ gcc/ada/adaint.c  2017-02-01 09:18:47.027598963 +0100
> @@ -3396,14 +3396,16 @@ void __gnat_killprocesstree (int pid, in
>      {
>        if ((d->d_type & DT_DIR) == DT_DIR)
>          {
> -          char statfile[64] = { 0 };
> +       char statfile[64];
>            int _pid, _ppid;
> 
>            /* read /proc/<PID>/stat */
> 
> -          strncpy (statfile, "/proc/", sizeof(statfile));
> -          strncat (statfile, d->d_name, sizeof(statfile));
> -          strncat (statfile, "/stat", sizeof(statfile));
> +       if (strlen (d->d_name) > sizeof (statfile) - sizeof ("/proc//stat"))
> +         continue;
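
Review bot: the bound in `strlen (d->d_name) > sizeof (statfile) - sizeof ("/proc//stat")` depends on sizeof of the string literal counting its terminating NUL, which is easy to misread and deserves a comment next to the check. With statfile[64] the right-hand side is 64 - 12 = 52, so a 52-character name is let through and the constructed path is 6 + 52 + 5 characters plus the NUL, 64 bytes in all. A one-line comment stating that arithmetic, or defining the prefix and suffix once so the literal in the check cannot drift from the strings used in the strcpy/strcat calls the ChangeLog mentions, would make the boundary verifiable at a glance.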

I think you need ">=" here.

-- 
Eric Botcazou
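
The point made in the quoted description, that strncat's last argument limits the characters appended rather than the size of the destination, shown as an added example (not code from this thread or from GCC). The helper names build_stat_path and bounded_append and the STAT_* macros are hypothetical, and the inputs in main are constructed.

```c
#include <stdio.h>
#include <string.h>

#define STAT_PREFIX "/proc/"
#define STAT_SUFFIX "/stat"

/* Hypothetical helper: build "/proc/<name>/stat" in out[outsz].
   Returns 0 on success, -1 if the result with its NUL would not fit;
   out is left untouched in that case.  */
int build_stat_path(char *out, size_t outsz, const char *name)
{
    /* sizeof of a literal counts its terminating NUL, so this is
       strlen(prefix) + strlen(suffix) + 1.  */
    const size_t fixed = sizeof(STAT_PREFIX STAT_SUFFIX);
    size_t len = strlen(name);
    char *p = out;

    if (outsz < fixed || len > outsz - fixed)
        return -1;
    memcpy(p, STAT_PREFIX, sizeof(STAT_PREFIX) - 1);
    p += sizeof(STAT_PREFIX) - 1;
    memcpy(p, name, len);
    memcpy(p + len, STAT_SUFFIX, sizeof(STAT_SUFFIX)); /* copies the NUL */
    return 0;
}

/* strncat bounds the bytes appended, not the destination size, so a
   bounded append has to pass the space still free.  Assumes dst already
   holds a NUL-terminated string inside dst[dstsz].  Returns 0 if src was
   appended whole, -1 (dst unchanged) if it would not fit.  */
int bounded_append(char *dst, size_t dstsz, const char *src)
{
    size_t room = dstsz - strlen(dst) - 1;  /* bytes free before the NUL */

    if (strlen(src) > room)
        return -1;
    strncat(dst, src, room);
    return 0;
}

int main(void)
{
    char statfile[64], name[64];

    /* Constructed inputs: names of 53 and 52 characters.  */
    memset(name, '9', 53); name[53] = '\0';
    printf("53 chars: %d\n", build_stat_path(statfile, sizeof statfile, name));
    name[52] = '\0';
    printf("52 chars: %d\n", build_stat_path(statfile, sizeof statfile, name));
    return 0;
}
```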
