diff options
| author | Paul Eggert <eggert@cs.ucla.edu> | 2010-10-14 00:12:23 -0700 |
|---|---|---|
| committer | Jim Meyering <meyering@redhat.com> | 2010-10-14 11:39:14 +0200 |
| commit | 6b9ab1831f7b05883ed1797a5c71cf5c594b6124 (patch) | |
| tree | 72530f22c61e4e4266bf961a223b950873f0f7ab | |
| parent | 7324fba6754b840a5d1fb6ec0f4ee3efb9db5ff4 (diff) | |
| download | coreutils-6b9ab1831f7b05883ed1797a5c71cf5c594b6124.tar.xz | |
bug#7213: [PATCH] sort: fix buffer overrun on 32-bit hosts when warning re obsolete keys
* src/sort.c (key_warnings): Local buffer should be of size
INT_BUFSIZE_BOUND (uintmax_t), not INT_BUFSIZE_BOUND (sword).
This bug was discovered by running 'make check' on a 32-bit
Solaris 8 sparc host, using Sun cc. I saw several other instances
of invoking umaxtostr on a buffer declared to be of size
INT_BUFSIZE_BOUND (VAR), and these instances should at some point
be replaced by INT_BUFSIZE_BOUND (uintmax_t) too, as that's a
less error-prone style.
| -rw-r--r-- | src/sort.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/sort.c b/src/sort.c index c155edadb..7e25f6a0b 100644 --- a/src/sort.c +++ b/src/sort.c @@ -2320,7 +2320,7 @@ key_warnings (struct keyfield const *gkey, bool gkey_only) { size_t sword = key->sword; size_t eword = key->eword; - char tmp[INT_BUFSIZE_BOUND (sword)]; + char tmp[INT_BUFSIZE_BOUND (uintmax_t)]; /* obsolescent syntax +A.x -B.y is equivalent to: -k A+1.x+1,B.y (when y = 0) -k A+1.x+1,B+1.y (when y > 0) */ |