[rpm PATCH] Fix unterminated buffer after readlink() call
thomas.jarosch at intra2net.com
Tue Oct 25 07:27:10 UTC 2011
On Monday, 24. October 2011 20:47:00 James Antill wrote:
> On Fri, 2011-10-21 at 23:05 +0200, Thomas Jarosch wrote:
> > readlink() never terminates the buffer.
> > Detected by "cppcheck" (git HEAD)
> Not that it's a terrible idea to make it more obvious, but these
> weren't bugs...
Yes, I'm glad you spotted it. I was really wondering how rpm
worked so nicely in the past.
I overlooked it because my tab size was set to 4 instead of 8.
With a tab size of 4, it's very easy to miss the memset().
Still those three glibc bugs are real issues (until proven otherwise ;)),
so there's a good side to this in any case.
More information about the Rpm-list