[m-rev.] Fix buffer overrun (off-by-one error)
Peter Moulder
Peter.Moulder at infotech.monash.edu.au
Sun Aug 24 13:55:48 AEST 2003
Buffer didn't have space for trailing NUL byte.
(The bug isn't usually triggered, as the buffer is already much larger
than needed for useful inputs.)
pjm.
Estimated hours taken: 0.2
trace/mercury_trace_internal.c:
Fix buffer overrun (off-by-one error).
Index: trace/mercury_trace_internal.c
===================================================================
RCS file: /home/mercury1/repository/mercury/trace/mercury_trace_internal.c,v
retrieving revision 1.158
diff -d -u -r1.158 mercury_trace_internal.c
--- trace/mercury_trace_internal.c 12 Jun 2003 15:38:36 -0000 1.158
+++ trace/mercury_trace_internal.c 23 Aug 2003 07:49:02 -0000
@@ -5629,7 +5629,7 @@
char **raw_words;
int raw_word_max;
char raw_word_count;
- static char count_buf[MR_NUMBER_LEN];
+ static char count_buf[MR_NUMBER_LEN + 1];
char *s;
int i;
--------------------------------------------------------------------------
mercury-reviews mailing list
post: mercury-reviews at cs.mu.oz.au
administrative address: owner-mercury-reviews at cs.mu.oz.au
unsubscribe: Address: mercury-reviews-request at cs.mu.oz.au Message: unsubscribe
subscribe: Address: mercury-reviews-request at cs.mu.oz.au Message: subscribe
--------------------------------------------------------------------------
More information about the reviews
mailing list