Subject: Re: Crunchgen bug and patch
To: None <hypnosses@pulltheplug.org>
From: David Laight <david@l8s.co.uk>
List: tech-userlevel
Date: 06/11/2006 22:24:23
On Sat, Jun 10, 2006 at 12:28:18PM -0700, hypnosses@pulltheplug.org wrote:
> There is a small bug in crunchgen when dealing with a large string which
> causes it to crash. Here's a patch for it.
...
> Index: crunchgen.c
> ===================================================================
> RCS file: /cvsroot/src/usr.bin/crunch/crunchgen/crunchgen.c,v
> retrieving revision 1.69
> diff -r1.69 crunchgen.c
> 163,166c163,166
> <       case 'm':       strcpy(outmkname, optarg); break;
> <       case 'c':       strcpy(outcfname, optarg); break;
> <       case 'e':       strcpy(execfname, optarg); break;
> <       case 'd':       strcpy(dbg, optarg); break;
> ---
> >       case 'm':       strlcpy(outmkname, optarg, sizeof outmkname); break;
> >       case 'c':       strlcpy(outcfname, optarg, sizeof outcfname); break;
> >       case 'e':       strlcpy(execfname, optarg, sizeof execfname); break;
> >       case 'd':       strlcpy(dbg, optarg, sizeof dbg); break;
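Review bot: in all four replaced cases the return value of strlcpy() is discarded, so an over-long argument is now silently truncated and the cut-down value is used as the output makefile, config, executable or debug name with no indication to the user. strlcpy() returns strlen(optarg), so the truncation is detectable in place, e.g. `if (strlcpy(outmkname, optarg, sizeof outmkname) >= sizeof outmkname) errx(1, "-m argument too long");`, or the fixed-size arrays could be dropped in favour of strdup()ing optarg, which removes the limit entirely.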
...

Except that after these changes it will silently do the wrong thing, which
is probably worse than the core dump!
There are 2 fixes:
1) exit with an error message saying one of the strings is too long
2) dynamically allocate memory for the strings.

	David

-- 
David Laight: david@l8s.co.uk
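The two alternatives David describes, as an added example that is not part of the thread or of crunchgen: a checked copy that refuses an argument which would be truncated, and a dynamically sized copy with no limit. The buffer size and the long argument are constructed values, and strlcpy() semantics are written out by hand so the example also builds on libcs that do not provide it.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define NAME_SIZE 16   /* constructed size; crunchgen's real array sizes are not in the patch */

/* strlcpy() semantics written out so this builds on libcs without strlcpy:
 * copy at most size-1 bytes, always NUL-terminate, return strlen(src). */
static size_t bounded_copy(char *dst, const char *src, size_t size)
{
    size_t srclen = strlen(src);
    if (size > 0) {
        size_t n = srclen < size - 1 ? srclen : size - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return srclen;
}

/* Fix 1: keep the fixed buffer, but reject (return -1) an argument that
 * does not fit instead of silently truncating it. */
int set_name_checked(char *dst, size_t size, const char *arg)
{
    return bounded_copy(dst, arg, size) >= size ? -1 : 0;
}

/* Fix 2: no fixed buffer; the name is sized to the argument, caller frees. */
char *set_name_dynamic(const char *arg)
{
    size_t len = strlen(arg) + 1;
    char *p = malloc(len);
    if (p != NULL)
        memcpy(p, arg, len);
    return p;
}

int main(void)
{
    char execfname[NAME_SIZE];
    const char *longarg = "this-name-is-definitely-too-long";  /* constructed */

    if (set_name_checked(execfname, sizeof execfname, longarg) < 0)
        fprintf(stderr, "-e argument too long (max %zu)\n", sizeof execfname - 1);
    char *dyn = set_name_dynamic(longarg);
    printf("dynamic copy: %s\n", dyn ? dyn : "(out of memory)");
    free(dyn);
    return 0;
}
```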