[PATCH] shell32: use flexible arrays to avoid fortify failures
vapier at gentoo.org
Tue Sep 21 03:42:34 CDT 2010
On Tuesday, September 21, 2010 04:21:28 Reece Dunn wrote:
> On 21 September 2010 08:58, Mike Frysinger wrote:
> > fortify is only adding security/sanity checks to functions. so if you do:
> >     char f;
> >     strcpy(f, "1234");
> > the C library, with help from the compiler, will then perform constant
> > checks on these things. since 5 bytes is more than the storage of "f"
> > can hold, you get a build time warning. and then at runtime, if this
> > code is attempted to be executed, it will abort() before the storage is
> > allowed to overflow.
> > the problem with the wine code is that it declares a buffer as 1 byte
> > long even though in reality it is the start of a flexible string. newer
> > C specs account for this behavior by introducing the "" syntax. the C
> > library will not perform length checks on these strings since it has no
> > idea what its limits are at build time.
> Ah, I see.
> You could always do something like:
> strcpy((char *)pidl->anysize, "1234");
> Which would force the compiler to use the char * version instead of
> the char [n] version of the strcpy function in this example.
> This would then work in any compiler without special casing for
> compilers that have fortify -- especially when public structures get
no, that wouldn't help. the compiler is too smart and is still able to
propagate the constant storage information to the checking code. someone
suggested that in a past thread on this topic.
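
An added illustration, not part of the thread and not Wine's code: the message notes that the C library cannot length-check a flexible array because its limit is unknown at build time, so the sketch below carries the capacity in the structure and checks it explicitly. The struct and function names (`legacy_item`, `flex_item`, `item_alloc`, `item_set_name`) are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical structs for illustration, not Wine's definitions. */
struct legacy_item { unsigned short cb; char name[1]; }; /* pre-C99 idiom: declared as 1 byte */
struct flex_item   { unsigned short cb; char name[]; };  /* C99 flexible array member */

/* Allocate an item whose name can hold `cap` bytes including the NUL.
 * cb records that capacity, because the type no longer carries a bound. */
struct flex_item *item_alloc(size_t cap)
{
    if (cap == 0 || cap > 0xFFFF)
        return NULL;
    struct flex_item *it = malloc(offsetof(struct flex_item, name) + cap);
    if (it) {
        it->cb = (unsigned short)cap;
        it->name[0] = '\0';
    }
    return it;
}

/* Bounded copy: the explicit check that fortify cannot supply here.
 * Returns 0 on success, -1 if src (plus NUL) does not fit. */
int item_set_name(struct flex_item *it, const char *src)
{
    size_t n = strlen(src) + 1;
    if (n > it->cb)
        return -1;
    memcpy(it->name, src, n);
    return 0;
}

int main(void)
{
    /* The declared array contributes to sizeof in the legacy form only. */
    printf("sizeof legacy=%zu flex=%zu\n",
           sizeof(struct legacy_item), sizeof(struct flex_item));
    struct flex_item *it = item_alloc(5);   /* room for "1234" + NUL */
    if (!it)
        return 1;
    printf("fits:     %d\n", item_set_name(it, "1234"));   /* 0 */
    printf("too long: %d\n", item_set_name(it, "12345"));  /* -1 */
    free(it);
    return 0;
}
```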