[rtems commit] shell/shell.c: Fix illegal string copy
Sebastian Huber
sebh at rtems.org
Thu Oct 15 17:23:00 UTC 2020
Module: rtems
Branch: master
Commit: 529402f597184a735a691aa95fb32ab9a42946ef
Changeset: http://git.rtems.org/rtems/commit/?id=529402f597184a735a691aa95fb32ab9a42946ef
Author: Frank Kühndel <frank.kuehndel at embedded-brains.de>
Date: Mon Oct 12 18:01:45 2020 +0200
shell/shell.c: Fix illegal string copy
This is an illegal use of strcpy() because one is not allowed to
use this function with overlapping source and destination buffers;
whereas memmove() is explicitly designed to handle such cases.
The copiler warning was:
../../../cpukit/libmisc/shell/shell.c:626:13: warning:
'strcpy' accessing between 1 and 2147483645 bytes at offsets
0 and [1, 2147483647] may overlap up to 2147483644 bytes at
offset [1, 2147483644] [-Wrestrict]
---
cpukit/libmisc/shell/shell.c | 18 ++++++++++++++----
1 file changed, 14 insertions(+), 4 deletions(-)
diff --git a/cpukit/libmisc/shell/shell.c b/cpukit/libmisc/shell/shell.c
index c5fc1f5..3c357a1 100644
--- a/cpukit/libmisc/shell/shell.c
+++ b/cpukit/libmisc/shell/shell.c
@@ -288,6 +288,16 @@ void rtems_shell_dup_current_env(rtems_shell_env_t *copy)
}
/*
+ * Move a string in a buffer to the left (e.g. when a character
+ * is deleted). The string must be NUL-terminated and the
+ * NUL-character will be moved too.
+ */
+static void rtems_shell_move_left(char *start, size_t offset)
+{
+ memmove(start, start + offset, strlen(start + offset) + 1);
+}
+
+/*
* Get a line of user input with modest features
*/
static int rtems_shell_line_editor(
@@ -393,7 +403,7 @@ static int rtems_shell_line_editor(
{
int end;
int bs;
- strcpy (&line[col], &line[col + 1]);
+ rtems_shell_move_left(line + col, 1);
if (output) {
fprintf(out,"\r%s%s ", prompt, line);
end = (int) strlen (line);
@@ -432,7 +442,7 @@ static int rtems_shell_line_editor(
case 4: /* Control-D */
if (strlen(line)) {
if (col < strlen(line)) {
- strcpy (line + col, line + col + 1);
+ rtems_shell_move_left(line + col, 1);
if (output) {
int bs;
fprintf(out,"%s \b", line + col);
@@ -508,7 +518,7 @@ static int rtems_shell_line_editor(
{
int bs;
col--;
- strcpy (line + col, line + col + 1);
+ rtems_shell_move_left(line + col, 1);
if (output) {
fprintf(out,"\b%s \b", line + col);
for (bs = 0; bs < ((int) strlen (line) - col); bs++)
@@ -625,7 +635,7 @@ static int rtems_shell_line_editor(
int clen = (int) strlen (line);
int bs;
- strcpy (line, line + col);
+ rtems_shell_move_left(line, col);
if (output) {
fprintf(out,"\r%s%*c", prompt, clen, ' ');
fprintf(out,"\r%s%s", prompt, line);
More information about the vc
mailing list