[Kaffe] could this buffer overflow?
dejong at cs.umn.edu
Fri Feb 5 15:18:39 PST 1999
On Fri, 5 Feb 1999, Godmar Back wrote:
> Along those lines, it appears that the best way of fixing the sprintf
> is to KMALLOC a buffer large enough and sprintf into it, as is done
> in external.c:native.
Ok how about this on top of my last patch. Would that work correctly?
Does KMALLOC() work just like malloc() except for the signals thing?
I noticed some code in other places where KMALLOC() is used but the
memory is never KFREE()ed. I assume those were errors.
--- copy_stackTrace.c Fri Feb 5 16:17:07 1999
+++ stackTrace.c Fri Feb 5 17:14:49 1999
@@ -120,7 +120,9 @@
- class_dot_name = strdup(CLASS_CNAME(meth->class));
+ tmp = CLASS_CNAME(meth->class);
+ class_dot_name = KMALLOC(strlen(tmp) + 1);
assert(class_dot_name != NULL);
/* change '/' to '.' in the class name */
tmp = class_dot_name;
@@ -144,7 +146,7 @@
len = strlen(buf);
str = newArray(TYPE_CLASS(TYPE_Char), len);
cptr = (jchar*)OBJARRAY_DATA(str);
More information about the kaffe