[Cbe-oss-dev] [PATCH 3/3] libspe, libspe2: Fix C99 gets() handler
Kazunori Asayama
asayama at sm.sony.co.jp
Wed Jan 31 21:28:59 EST 2007
Kazunori Asayama <asayama at sm.sony.co.jp> wrote:
> Attached is a patch to fix the following bug of gets() in libspe and
> libspe2:
>
> - gets() does not remove a trailing line-feed character.
Sorry.
*** DO NOT APPLY the patch above. ***
The previous patch can cause buffer overrun when the input does not
end with a linefeed character.
Here is a correct one.
----
Index: libspe2/spebase/default_c99_handler.c
===================================================================
--- libspe2.orig/spebase/default_c99_handler.c
+++ libspe2/spebase/default_c99_handler.c
@@ -1508,13 +1508,19 @@ int default_c99_handler_gets(char *ls, u
FILE *stream;
char *s, *r;
int rc;
+ int size;
DEBUG_PRINTF("%s\n", __func__);
CHECK_C99_OPCODE(GETS);
stream = get_FILE(SPE_STDIN);
s = GET_LS_PTR(arg0->slot[0]);
- r = fgets(s, LS_SIZE - arg0->slot[0], stream);
+ size = LS_SIZE - arg0->slot[0];
+ r = fgets(s, size, stream);
rc = (r == s) ? arg0->slot[0] : 0;
+ if (r == s) { /* remove trailing linefeed character. */
+ char *p = s + strlen(s);
+ if (p > s && p[-1] == '\n') p[-1] = '\0';
+ }
PUT_LS_RC(rc, 0, 0, errno);
return 0;
}
More information about the cbe-oss-dev
mailing list