Possible buffer overrun with _FORTIFY_SOURCE.
Hello there,
we are struggling with a segmentation fault arising on Wheezy
exactly when CPPFLAGS contains "-D_FORTIFY_SOURCE=2".
Looking at the fairly recent patch
cvs-FORTIFY-SOURCE-format-strings.diff
I observe the new code
args_type = &args_size[nargs];
memset (args_type, ..., nargs * sizeof (*args_type));
You are initialising ARGS_TYPE to the very last element
of an array, yet you are setting memory content possibly
far beyond the end point of the very same array. Would not
args_type = &args_size[0];
have been the correct statement? I am fumbling in the dark
as to our problem, but this seems to be a critical point.
Best regards,
Mats Erik Andersson, DM
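The pointer arithmetic questioned in the message, worked through as an added example (this is not the author's code nor CVS's; the names span_in_bounds, memset_args_type and alloc_elems are assumptions). With -D_FORTIFY_SOURCE=2 and optimisation, glibc routes memset through __memset_chk, which aborts when the write is larger than the object the compiler knows the destination lies in; this helper makes the same bounds check explicit. Starting at &args_size[nargs] and zeroing nargs elements only stays in bounds when args_size was allocated with at least 2 * nargs entries, so the right fix depends on how args_size was sized, which the message itself leaves open.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Return 1 if the byte range [p, p + n) lies entirely inside the allocation
   [base, base + base_len), else 0.  Compared as integers so that no
   out-of-bounds pointer is ever formed. */
int span_in_bounds(const void *base, size_t base_len, const void *p, size_t n)
{
    uintptr_t b = (uintptr_t)base, e = b + base_len, s = (uintptr_t)p;
    if (s < b || s > e)
        return 0;
    return n <= e - s;
}

/* Model of the two statements quoted in the mail.  args_size holds
   alloc_elems ints (assumed layout); args_type is aimed at
   args_size[start] and nargs ints are zeroed through it.
   Returns 1 when the memset stays inside args_size, 0 when it would
   overrun (the memset is then skipped), -1 on allocation failure. */
int memset_args_type(size_t alloc_elems, size_t start, size_t nargs)
{
    if (start > alloc_elems)          /* even forming the pointer is UB */
        return 0;
    int *args_size = calloc(alloc_elems, sizeof *args_size);
    if (!args_size)
        return -1;
    int *args_type = &args_size[start];   /* at most one-past-the-end here */
    int ok = span_in_bounds(args_size, alloc_elems * sizeof *args_size,
                            args_type, nargs * sizeof *args_type);
    if (ok)
        memset(args_type, 0, nargs * sizeof *args_type);
    free(args_size);
    return ok;
}

int main(void)
{
    size_t nargs = 4;
    printf("args_size[nargs], nargs entries  : %s\n",
           memset_args_type(nargs, nargs, nargs) ? "ok" : "overrun");
    printf("args_size[0], nargs entries      : %s\n",
           memset_args_type(nargs, 0, nargs) ? "ok" : "overrun");
    printf("args_size[nargs], 2*nargs entries: %s\n",
           memset_args_type(2 * nargs, nargs, nargs) ? "ok" : "overrun");
    return 0;
}
```

The third case is the caveat: if the allocation already reserves a second block of nargs ints after args_size, the original &args_size[nargs] is correct and the abort comes from somewhere else, so checking the allocation size is the first step before changing the index.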