On Wed, Feb 01, 2017 at 09:47:40PM +0100, Eric Botcazou wrote:
> > 2017-02-01  Jakub Jelinek  <ja...@redhat.com>
> > 
> >     PR ada/79309
> >     * adaint.c (__gnat_killprocesstree): Don't clear statfile
> >     before overwriting it.  If d->d_name is too long, skip trying
> >     to construct the filename and open it.  Use strcpy/strcat
> >     instead of strncpy/strncat.
> 
> Sorry, I installed the fix in the meantime and our messages crossed.

Np.

> > --- gcc/ada/adaint.c.jj     2017-01-12 22:28:59.293871830 +0100
> > +++ gcc/ada/adaint.c        2017-02-01 09:18:47.027598963 +0100
> > @@ -3396,14 +3396,16 @@ void __gnat_killprocesstree (int pid, in
> >      {
> >        if ((d->d_type & DT_DIR) == DT_DIR)
> >          {
> > -          char statfile[64] = { 0 };
> > +     char statfile[64];
> >            int _pid, _ppid;
> > 
> >            /* read /proc/<PID>/stat */
> > 
> > -          strncpy (statfile, "/proc/", sizeof(statfile));
> > -          strncat (statfile, d->d_name, sizeof(statfile));
> > -          strncat (statfile, "/stat", sizeof(statfile));
> > +     if (strlen (d->d_name) > sizeof (statfile) - sizeof ("/proc//stat"))
> > +       continue;
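Review bot: The bound in `if (strlen (d->d_name) > sizeof (statfile) - sizeof ("/proc//stat"))` is correct only because sizeof of the string literal counts the terminating '\0', which is easy to misread as an off-by-one. A one-line comment saying so, or a named constant in place of the bare 64, would make the check reviewable at a glance. With `= { 0 }` dropped from `char statfile[64];` the buffer is uninitialized at declaration, so the code after the `continue` has to write it with a NUL-terminating copy before anything reads it.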
> 
> I think you need ">=" here.

I believe > is right.  sizeof (statfile) is 64, sizeof ("/proc//stat") is
12 (that includes the terminating '\0'), and 52 characters long d->d_name
still fits (6 bytes /proc/, 52 bytes d->d_name, 5 bytes /stat and 1 byte '\0')
while 53 characters are too much.  Equivalent of the above would be
          if (strlen (d->d_name) >= sizeof (statfile) - strlen ("/proc//stat"))

        Jakub
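
The boundary arithmetic from the reply above, as an added example that is not part of the thread or of GCC: it builds the path with the same guard and shows that 52 characters is the longest name that fits. The helper names and `STATFILE_SIZE` are hypothetical, and the test names are constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define STATFILE_SIZE 64   /* assumption: mirrors char statfile[64] in the patch */

/* Hypothetical helper: fills out[] with "/proc/<name>/stat" and returns 1
   when it fits; returns 0 and leaves out[] untouched when name is too long. */
int build_stat_path (char out[STATFILE_SIZE], const char *name)
{
  /* sizeof ("/proc//stat") is 12: 11 characters plus the '\0'. */
  if (strlen (name) > STATFILE_SIZE - sizeof ("/proc//stat"))
    return 0;
  strcpy (out, "/proc/");
  strcat (out, name);
  strcat (out, "/stat");
  return 1;
}

/* The same rejection test in the strlen / ">=" form given in the reply. */
int rejects_with_strlen_form (const char *name)
{
  return strlen (name) >= STATFILE_SIZE - strlen ("/proc//stat");
}

/* Constructed input: a name made of n 'x' characters (n < 128). */
const char *name_of_length (size_t n)
{
  static char buf[128];
  memset (buf, 'x', n);
  buf[n] = '\0';
  return buf;
}

/* Length of the path built for an n-character name, or -1 if rejected. */
int stat_path_len (size_t n)
{
  char out[STATFILE_SIZE];
  return build_stat_path (out, name_of_length (n)) ? (int) strlen (out) : -1;
}

int main (void)
{
  printf ("52 -> %d, 53 -> %d\n", stat_path_len (52), stat_path_len (53));
  return 0;
}
```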
