This is the mail archive of the ecos-discuss@sources.redhat.com mailing list for the eCos project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]

redboot's gets() buffer overflow


Hi,

The gets() routine in redboot/current/src/io.c does not make use of its buflen
argument. I propose that the routine returns buflen when it reaches the end of
the buffer (this matches the routine's comment but could break some client code
that only check for _GETS_OK):

2001-04-12  Robin Farine  <acnrf@dial.eunet.ch>

	* src/io.c (gets): Checks for buffer overflow and returns buflen
	if it reaches the end of the buffer.

-------------------------<snip>-----------------------------------------
Index: io.c
===================================================================
RCS file: /usr/cvs/eCos/base/packages/redboot/current/src/io.c,v
retrieving revision 1.1.1.2
retrieving revision 1.3
diff -r1.1.1.2 -r1.3
259a260,261
> 	if (ptr == buf + buflen)
> 	  return buflen;
-------------------------<snip>-----------------------------------------

Robin


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]