Coverity reports on possible overruns of static arrays
mstefani at redhat.com
Thu Nov 16 04:08:09 CST 2006
Paul Vriens wrote:
> we have quite a few places in the code where we do:
> WCHAR param[any-value];
> len = sizeof(param) / sizeof(WCHAR);
And there lies the next potential bug. If somebody changes the type of
param this will result in a wrong length. For this reason the Linux
Kernel guys are replacing all those constructs with a macro ARRAY_SIZE
#define ARRAY_SIZE(x) (sizeof(x)/sizeof((x)))
Thought about doing that for Wine too but have to ask Alexandre first if
he would accept such patches.
> param[len] = '\0';
> and of course more-or-less the same for CHAR arrays.
> This could lead (and the example does) to writing behind the end of
> I've submitted two patches for this, but I'm not sure just doing:
> param[len - 1] = '\0';
> is the correct/good approach.
> Any idea's?
If this is such a common operation why not create a macro for that too.
#define ARRAY_ZERO_LAST(x) ((x)[ARRAY_SIZE(x)-1] = '\0')
Michael Stefaniuc Tel.: +49-711-96437-199
Sr. Network Engineer Fax.: +49-711-96437-111
Red Hat GmbH Email: mstefani at redhat.com
Hauptstaetterstr. 58 http://www.redhat.de/
More information about the wine-devel