bug#4992: Invalid use of strcpy() in etags

bug#4992: Invalid use of strcpy() in etags

[Tobias Ringström]

[-- Attachment #1: Type: text/plain, Size: 352 bytes --]

The function absolute_filename() lib-src/etags.c has two invalid calls 
to strcpy() with overlapping arguments. It's undefined C that often 
happens to work, but breaks very badly for at least gcc 4.4.2 and glibc 
2.11 on x86_64, which is default for Fedora 12.

The attached patch replaces the bogus strcpy() calls with calls to 
memmove().

/Tobias


[-- Attachment #2: emacs-23.1-strcpy-bug.patch --]
[-- Type: text/plain, Size: 688 bytes --]

diff -ru emacs-23.1.orig/lib-src/etags.c emacs-23.1/lib-src/etags.c
--- emacs-23.1.orig/lib-src/etags.c	2009-06-21 06:37:34.000000000 +0200
+++ emacs-23.1/lib-src/etags.c	2009-11-20 16:35:09.638200192 +0100
@@ -6695,13 +6695,13 @@
 	      else if (cp[0] != '/')
 		cp = slashp;
 #endif
-	      strcpy (cp, slashp + 3);
+	      memmove (cp, slashp + 3, strlen (slashp + 2));
 	      slashp = cp;
 	      continue;
 	    }
 	  else if (slashp[2] == '/' || slashp[2] == '\0')
 	    {
-	      strcpy (slashp, slashp + 2);
+	      memmove (slashp, slashp + 2, strlen (slashp + 1));
 	      continue;
 	    }
 	}
Only in emacs-23.1/lib-src: etags.c.orig
Only in emacs-23.1/lib-src: etags.c.rej

bug#4992: Invalid use of strcpy() in etags

[Jan Djärv]

Tobias Ringström skrev:
> The function absolute_filename() lib-src/etags.c has two invalid calls 
> to strcpy() with overlapping arguments. It's undefined C that often 
> happens to work, but breaks very badly for at least gcc 4.4.2 and glibc 
> 2.11 on x86_64, which is default for Fedora 12.
> 
> The attached patch replaces the bogus strcpy() calls with calls to 
> memmove().
> 

Checked in, thanks.

	Jan D.

bug#4992: marked as done (Invalid use of strcpy() in etags)

[Emacs bug Tracking System]

[-- Attachment #1: Type: text/plain, Size: 859 bytes --]

Your message dated Mon, 23 Nov 2009 10:51:42 +0100
with message-id <4B0A5B2E.8050305@swipnet.se>
and subject line Re: bug#4992: Invalid use of strcpy() in etags
has caused the Emacs bug report #4992,
regarding Invalid use of strcpy() in etags
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@emacsbugs.donarmstrong.com
immediately.)


-- 
4992: http://emacsbugs.donarmstrong.com/cgi-bin/bugreport.cgi?bug=4992
Emacs Bug Tracking System
Contact owner@emacsbugs.donarmstrong.com with problems

[-- Attachment #2: Type: message/rfc822, Size: 4384 bytes --]

[-- Attachment #2.1.1: Type: text/plain, Size: 352 bytes --]

The function absolute_filename() lib-src/etags.c has two invalid calls 
to strcpy() with overlapping arguments. It's undefined C that often 
happens to work, but breaks very badly for at least gcc 4.4.2 and glibc 
2.11 on x86_64, which is default for Fedora 12.

The attached patch replaces the bogus strcpy() calls with calls to 
memmove().

/Tobias


[-- Attachment #2.1.2: emacs-23.1-strcpy-bug.patch --]
[-- Type: text/plain, Size: 688 bytes --]

diff -ru emacs-23.1.orig/lib-src/etags.c emacs-23.1/lib-src/etags.c
--- emacs-23.1.orig/lib-src/etags.c	2009-06-21 06:37:34.000000000 +0200
+++ emacs-23.1/lib-src/etags.c	2009-11-20 16:35:09.638200192 +0100
@@ -6695,13 +6695,13 @@
 	      else if (cp[0] != '/')
 		cp = slashp;
 #endif
-	      strcpy (cp, slashp + 3);
+	      memmove (cp, slashp + 3, strlen (slashp + 2));
 	      slashp = cp;
 	      continue;
 	    }
 	  else if (slashp[2] == '/' || slashp[2] == '\0')
 	    {
-	      strcpy (slashp, slashp + 2);
+	      memmove (slashp, slashp + 2, strlen (slashp + 1));
 	      continue;
 	    }
 	}
Only in emacs-23.1/lib-src: etags.c.orig
Only in emacs-23.1/lib-src: etags.c.rej

[-- Attachment #3: Type: message/rfc822, Size: 2442 bytes --]

From: "Jan Djärv" <jan.h.d@swipnet.se>
To: "Tobias Ringström" <tobias@ringis.se>, 4992@emacsbugs.donarmstrong.com
Cc: bug-gnu-emacs@gnu.org, 4992-done@emacsbugs.donarmstrong.com
Subject: Re: bug#4992: Invalid use of strcpy() in etags
Date: Mon, 23 Nov 2009 10:51:42 +0100
Message-ID: <4B0A5B2E.8050305@swipnet.se>

Tobias Ringström skrev:
> The function absolute_filename() lib-src/etags.c has two invalid calls 
> to strcpy() with overlapping arguments. It's undefined C that often 
> happens to work, but breaks very badly for at least gcc 4.4.2 and glibc 
> 2.11 on x86_64, which is default for Fedora 12.
> 
> The attached patch replaces the bogus strcpy() calls with calls to 
> memmove().
> 

Checked in, thanks.

	Jan D.