On 7/31/07, Nicholas Clark <[EMAIL PROTECTED]> wrote: > On Mon, Jul 30, 2007 at 09:20:27PM -0700, Matt Diephouse wrote: > > On 7/30/07, chromatic <[EMAIL PROTECTED]> wrote: > > > On Monday 30 July 2007 00:21:09 [EMAIL PROTECTED] wrote: > > > > Author: mdiep > > > > >=== --- trunk/src/inter_run.c (original) > > > > +++ trunk/src/inter_run.c Mon Jul 30 00:21:07 2007 > > > > @@ -167,9 +167,7 @@ > > > > { > > > > opcode_t offset, *dest; > > > > parrot_context_t *ctx; > > > > - /* > > > > - * FIXME argument count limited - check strlen of sig > > > > - */ > > > > + > > > > char new_sig[10]; > > > > const char *sig_p; > > > > parrot_context_t * const old_ctx = CONTEXT(interp->ctx); > > > > > > I think this comment meant "Hey, allocating a ten-character array on the > > > stack > > > might put us in danger of overruns." > > > > I removed it because down later in the source, the strlen of sig *is* > > checked: > > > > const size_t len = strlen(sig); > > if (len > 8) { > > real_exception(interp, NULL, 1, "too many arguments in > > runops_args"); > > } > > > > The string is only copied after this check is made. > > So shouldn't that 8 be sizeof(new_sig) - 1 ?
No. More context is needed again. const size_t len = strlen(sig); if (len > 8) { real_exception(interp, NULL, 1, "too many arguments in runops_args"); } new_sig[0] = 'O'; strcpy(new_sig + 1, sig + 1); sig_p = new_sig; > Right now there are two magic numbers, one of which is actually off by one, > and no clear linking of the two. That's a reasonable idea though. I haven't got the time to do it until later tonight. Someone else can feel free to do so in the meantime. -- Matt Diephouse http://matt.diephouse.com