From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp53.i.mail.ru (smtp53.i.mail.ru [94.100.177.113]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dev.tarantool.org (Postfix) with ESMTPS id D3D2346970F for ; Mon, 25 Nov 2019 19:27:11 +0300 (MSK) From: Serge Petrenko Date: Mon, 25 Nov 2019 19:27:01 +0300 Message-Id: <20191125162701.82576-1-sergepetrenko@tarantool.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: [Tarantool-patches] [PATCH] backtrace: fix out of bounds access on backtrace printing List-Id: Tarantool development patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: v.shpilevoy@tarantool.org Cc: tarantool-patches@dev.tarantool.org snrpintf always null-terminates the passed string, and it also returns the number of bytes that "would have been written if there was enough space", so not only we don't have to null-terminate the string, but even more so we shouldn't do it erroneously. Closes #4636 --- https://github.com/tarantool/tarantool/issues/4636 https://github.com/tarantool/tarantool/tree/sp/gh-4636-bt-print-fix src/lib/core/backtrace.cc | 1 - 1 file changed, 1 deletion(-) diff --git a/src/lib/core/backtrace.cc b/src/lib/core/backtrace.cc index 57e541c25..903ffb79c 100644 --- a/src/lib/core/backtrace.cc +++ b/src/lib/core/backtrace.cc @@ -173,7 +173,6 @@ backtrace() say_debug("unwinding error: %i", unw_status); #endif out: - *p = '\0'; return backtrace_buf; } -- 2.21.0 (Apple Git-122)