Coder Social home page Coder Social logo

copy_string error about force HOT 2 CLOSED

davidfrantz avatar davidfrantz commented on July 28, 2024
copy_string error

from force.

Comments (2)

davidfrantz avatar davidfrantz commented on July 28, 2024

Hi Haili,

thanks for your suggestion. I really appreciate this.

But this is already fixed now with FORCE 3.5.2.

I would however suggest you not using your proposed fix as this is insecure (have a read here), and actually fails in this case.

The problem here is, that I forgot to replace the EOL character in the reading funtion, i.e. tokenptr = "MOD\n", should actually be tokenptr = "MOD\0"

This means that the copied string won't be null-terminated, which might cause other problems.

The copy_string function already did as you suggest, but adds a test whether the string is null-terminated after copying. As we were copying 4 (tokenptr = "MOD\n) instead of 3 characters (tokenptr = "MOD\0"), there was no space for the terminating NULL, and the function fails safely:

void copy_string(char *dst, size_t size, const char *src){

  strncpy(dst, src, size);
  if (dst[size-1] != '\0'){
    printf("cannot copy, string too long:\n%s\n", src);
    exit(1);
  }

  return;
}

The fix is to include this line here in src/lower-level/gas-ll.c in l. 682:

buffer[strcspn(buffer, "\r\n#")] = 0;

This even makes it safe to use a file with Windows EOL.

Cheers,

David

from force.

hailihu avatar hailihu commented on July 28, 2024

Thanks David,
I tested 3.5.2 and it works now. It wasn't really a fix I proposed, just I workaround so I could identify the source of error and continue processing. Good you have a solid fix now, thanks!
Cheers, Haili

from force.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.