[libdvdnav-devel] [PATCH] sprintf -> strcpy
Lawrence D'Oliveiro
ldo at geek-central.gen.nz
Wed Sep 9 23:44:43 CEST 2015
On Wed, 09 Sep 2015 13:54:51 +0300, Petri Hintukainen wrote:
> On ke, 2015-09-09 at 21:45 +1200, Lawrence D'Oliveiro wrote:
>
>> What compile-time option should I use to ask for one?
>
> Depends on compiler ? Using -O did the trick here:
>
> $ gcc --version
> gcc (Ubuntu 4.9.2-10ubuntu13) 4.9.2
>
> $ gcc -c overflow.c -O
> In file included from /usr/include/string.h:639:0,
> from overflow.c:1:
> In function ‘strcpy’,
> inlined from ‘main’ at overflow.c:6:10:
> /usr/include/x86_64-linux-gnu/bits/string3.h:110:3: warning: call to
> __builtin___strcpy_chk will always overflow destination buffer
> return __builtin___strcpy_chk (__dest, __src, __bos (__dest));
> ^
ldo at theon:c_try> gcc --version
gcc (Debian 5.2.1-15) 5.2.1 20150808
Copyright (C) 2015 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
ldo at theon:c_try> gcc -c overflow.c -O
ldo at theon:c_try>
As you can see, it didn’t work for me.
> Anyway, using strncpy or strlcpy would not fix the program. It would
> just hide the problem (no warning) and fail at runtime. Not because of
> stack overflow, but because of truncated file name.
It would avoid buffer-overflow vulnerabilities. Truncating a string
would at least be a bug that can be spotted and fixed. Buffer overflows
lead to insidious security problems.
sprintf, strcpy and strcat are DANGEROUS. Avoid!
More information about the libdvdnav-devel
mailing list