[ET Trac] #2750: HTTPD: Array access out of bounds
Erik Schnetter
trac-noreply at einsteintoolkit.org
Wed Aug 23 14:28:35 CDT 2023
#2750: HTTPD: Array access out of bounds
Reporter: Erik Schnetter
Status: new
Milestone:
Version:
Type: bug
Priority: minor
Component: EinsteinToolkit thorn
Building HTTPD I see these warnings:
```
In function 'StringSetToBuffer',
inlined from 'StringSetToBuffer' at /home/eschnetter/Cactus/arrangements/CactusConnect/HTTPD/src/SString.c:268:1,
inlined from 'StringSetToCString' at /home/eschnetter/Cactus/arrangements/CactusConnect/HTTPD/src/SString.c:226:10:
/home/eschnetter/Cactus/arrangements/CactusConnect/HTTPD/src/SString.c:273:7: warning: 'strncpy' output truncated before terminating nul copying as many bytes from a string as its length [-Wstringop-truncation]
273 | strncpy( s->chars, buf, len );
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/home/eschnetter/Cactus/arrangements/CactusConnect/HTTPD/src/SString.c: In function 'StringSetToCString':
/home/eschnetter/Cactus/arrangements/CactusConnect/HTTPD/src/SString.c:226:10: note: length computed here
226 | return StringSetToBuffer( s, c_string, strlen( c_string ) );
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
```
and
```
In function 'String_Copy',
inlined from 'StringInsert' at /home/eschnetter/Cactus/arrangements/CactusConnect/HTTPD/src/SString.c:396:26:
/home/eschnetter/Cactus/arrangements/CactusConnect/HTTPD/src/SString.c:125:3: warning: 'memcpy' offset [0, 2] is out of the bounds [0, 0] [-Warray-bounds=]
125 | memcpy( s->line_end, other->line_end, LINE_END_BUFSIZE
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
126 | * sizeof( SSCHAR ) );
| ~~~~~~~~~~~~~~~~~~~~
```
These look serious.
--
Ticket URL: https://bitbucket.org/einsteintoolkit/tickets/issues/2750/httpd-array-access-out-of-bounds
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.einsteintoolkit.org/pipermail/trac/attachments/20230823/1903d5c0/attachment.htm>
More information about the Trac
mailing list