From ad37f5aabdaa7f512986f8b43081cd5c6ad0c873 Mon Sep 17 00:00:00 2001 From: "thestig@chromium.org" Date: Tue, 1 Apr 2014 20:18:53 +0000 Subject: [PATCH] Terminating FileID path when at maximum length. (Coverity) If FileID was constructed with a path that was >= PATH_MAX then path_ was not terminated resulting in a possible buffer overrun when reading. BUG=573 A=cmumford@chromium.org Original code review: https://breakpad.appspot.com/1324002/ R=cmumford@chromium.org Review URL: https://breakpad.appspot.com/1334002 git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1295 4c0a9323-5329-0410-9bdc-e9ce6186880e --- src/common/linux/file_id.cc | 6 ++---- src/common/linux/file_id.h | 3 ++- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/src/common/linux/file_id.cc b/src/common/linux/file_id.cc index e3631785..31ea9da5 100644 --- a/src/common/linux/file_id.cc +++ b/src/common/linux/file_id.cc @@ -48,9 +48,7 @@ namespace google_breakpad { -FileID::FileID(const char* path) { - strncpy(path_, path, sizeof(path_)); -} +FileID::FileID(const char* path) : path_(path) {} // ELF note name and desc are 32-bits word padded. #define NOTE_PADDING(a) ((a + 3) & ~3) @@ -150,7 +148,7 @@ bool FileID::ElfFileIdentifierFromMappedFile(const void* base, } bool FileID::ElfFileIdentifier(uint8_t identifier[kMDGUIDSize]) { - MemoryMappedFile mapped_file(path_); + MemoryMappedFile mapped_file(path_.c_str()); if (!mapped_file.data()) // Should probably check if size >= ElfW(Ehdr)? return false; diff --git a/src/common/linux/file_id.h b/src/common/linux/file_id.h index 70a6b3f5..2642722a 100644 --- a/src/common/linux/file_id.h +++ b/src/common/linux/file_id.h @@ -34,6 +34,7 @@ #define COMMON_LINUX_FILE_ID_H__ #include +#include #include "common/linux/guid_creator.h" @@ -69,7 +70,7 @@ class FileID { private: // Storage for the path specified - char path_[PATH_MAX]; + std::string path_; }; } // namespace google_breakpad