[libdvdnav-devel] [PATCH] sprintf -> strcpy

Lawrence D'Oliveiro ldo at geek-central.gen.nz
Wed Sep 9 23:44:43 CEST 2015


On Wed, 09 Sep 2015 13:54:51 +0300, Petri Hintukainen wrote:

> On ke, 2015-09-09 at 21:45 +1200, Lawrence D'Oliveiro wrote:
>
>> What compile-time option should I use to ask for one?
> 
> Depends on compiler? Using -O did the trick here:
> 
> $ gcc --version
> gcc (Ubuntu 4.9.2-10ubuntu13) 4.9.2
> 
> $ gcc -c overflow.c -O
> In file included from /usr/include/string.h:639:0,
>                  from overflow.c:1:
> In function ‘strcpy’,
>     inlined from ‘main’ at overflow.c:6:10:
> /usr/include/x86_64-linux-gnu/bits/string3.h:110:3: warning: call to
> __builtin___strcpy_chk will always overflow destination buffer
>    return __builtin___strcpy_chk (__dest, __src, __bos (__dest));
>    ^

    ldo at theon:c_try> gcc --version
    gcc (Debian 5.2.1-15) 5.2.1 20150808
    Copyright (C) 2015 Free Software Foundation, Inc.
    This is free software; see the source for copying conditions.
    There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
    PARTICULAR PURPOSE.

    ldo at theon:c_try> gcc -c overflow.c -O
    ldo at theon:c_try> 

As you can see, it didn’t work for me.

> Anyway, using strncpy or strlcpy would not fix the program. It would
> just hide the problem (no warning) and fail at runtime. Not because of
> stack overflow, but because of truncated file name.

It would avoid buffer-overflow vulnerabilities. Truncating a string
would at least be a bug that can be spotted and fixed. Buffer overflows
lead to insidious security problems.

sprintf, strcpy and strcat are DANGEROUS. Avoid!
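
Added example, not part of the original message and not libdvdnav code: a bounded path join that addresses both concerns raised in this exchange, staying inside the buffer and reporting truncation as an error instead of hiding it. The names `join_path` and `strncpy_is_terminated`, the buffer size and the sample paths are assumptions made for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper, not libdvdnav code: build "dir/name" in dst.
 * Returns 0 on success. If the result does not fit, returns -1 with
 * errno = ENAMETOOLONG and leaves dst empty, so the caller can never
 * go on to open a silently truncated file name. */
int join_path(char *dst, size_t dstsz, const char *dir, const char *name)
{
    if (dst == NULL || dstsz == 0) {
        errno = EINVAL;
        return -1;
    }
    int n = snprintf(dst, dstsz, "%s/%s", dir, name);
    if (n < 0 || (size_t)n >= dstsz) {   /* n is the length that was needed */
        dst[0] = '\0';
        errno = ENAMETOOLONG;
        return -1;
    }
    return 0;
}

/* For contrast: plain strncpy stays inside the buffer but reports nothing.
 * Returns 1 if the copy ended up NUL-terminated, 0 if it did not. */
int strncpy_is_terminated(char *dst, size_t dstsz, const char *src)
{
    strncpy(dst, src, dstsz);
    return memchr(dst, '\0', dstsz) != NULL;
}

int main(void)
{
    char path[16];                  /* constructed sample buffer size */
    const char *dir = "/mnt/dvd";   /* constructed sample input */

    if (join_path(path, sizeof path, dir, "VIDEO_TS") != 0)
        perror("join_path");        /* 17 chars + NUL do not fit: rejected */
    if (join_path(path, sizeof path, dir, "a.ifo") == 0)
        puts(path);                 /* fits: /mnt/dvd/a.ifo */
    printf("strncpy terminated: %d\n",
           strncpy_is_terminated(path, sizeof path, "/mnt/dvd/VIDEO_TS"));
    return 0;
}
```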

