Follow-up Comment #3, bug #66147 (group screen): Good point! As you mentioned, the ARRAY_SIZE macro will try to find the size of the pointer to the array of unknown length, and will devolve to simply the size of the pointer over the size of a char (8/1).
Upon further examination, the code change I suggested is simply limiting the
copy to 7 characters, which fixes the contrived test case of "screen -S test
-X stuff "ls" but does not allow strings larger than 7 now...
I can confirm that your suggestion of using strcpy instead of strncpy seems to
make the runtime buffer overflow go away, but may be undermining the point of
using FORTIFY_SOURCE=3, but I confess I'm not an expert in FORTIFY_SOURCE.
-Al C.
_______________________________________________________
Reply to this item at:
<https://savannah.gnu.org/bugs/?66147>
_______________________________________________
Message sent via Savannah
https://savannah.gnu.org/
signature.asc
Description: PGP signature
