[PATCH] cpukit/libmisc/monitor: Fixed src/dest overlap in strcpy in mon-editor.c

Gedare Bloom gedare at rtems.org
Thu May 27 01:56:53 UTC 2021 

On Wed, May 26, 2021 at 7:56 PM Joel Sherrill <joel at rtems.org> wrote:
>
>
>
> On Wed, May 26, 2021, 8:46 PM Gedare Bloom <gedare at rtems.org> wrote:
>>
>> On Wed, May 26, 2021 at 4:35 PM Harrison Edward Gerber
>> <gerberhe11 at gmail.com> wrote:
>> >
>> > See also CID 1399727
>> >
>> > Closes #4444
>> > ---
>> >  cpukit/libmisc/monitor/mon-editor.c | 3 ++-
>> >  1 file changed, 2 insertions(+), 1 deletion(-)
>> >
>> > diff --git a/cpukit/libmisc/monitor/mon-editor.c b/cpukit/libmisc/monitor/mon-editor.c
>> > index dcea9fcc69..1392be51f1 100644
>> > --- a/cpukit/libmisc/monitor/mon-editor.c
>> > +++ b/cpukit/libmisc/monitor/mon-editor.c
>> > @@ -360,7 +360,8 @@ rtems_monitor_line_editor (
>> >              {
>> >                int bs;
>> >                pos--;
>> > -              strcpy (buffer + pos, buffer + pos + 1);
>> > +              memmove(buffer + pos, buffer + pos + 1, RTEMS_COMMAND_BUFFER_SIZE - pos - 1);
>
>
> My first thought was to ask if strlcpy would be more correct because it should avoid copying as many bytes. But the source and destination could overlap as they are close to it just by visual inspection.
>
> I think it would be worth a comment in the code explaining why a string method wasn't used.
>
Good idea. BTW: it is guaranteed that the source and dest overlap in
this particular case.

>> This exceeds 80 character line limit, please break the line length as
>> directed by
>> https://docs.rtems.org/branches/master/eng/coding-formatting.html#eighty-character-line-limit
>>
>> > +              buffer[RTEMS_COMMAND_BUFFER_SIZE - 1] = "\0";
>> This should be '\0' not "\0". I don't know if the compiler would
>> correct that for you or not.
>>
>> >                fprintf(stdout,"\b%s \b", buffer + pos);
>> >                for (bs = 0; bs < ((int) strlen (buffer) - pos); bs++)
>> >                  putchar ('\b');
>> > --
>> > 2.25.1
>> >
>> > _______________________________________________
>> > devel mailing list
>> > devel at rtems.org
>> > http://lists.rtems.org/mailman/listinfo/devel
>> _______________________________________________
>> devel mailing list
>> devel at rtems.org
>> http://lists.rtems.org/mailman/listinfo/devel

More information about the devel mailing list