Re: [Patch] Off by one in drivers/usb/input/yealink.c

From: Eric Sesterhenn / Snakebyte
Date: Thu Jul 06 2006 - 10:39:27 EST

Next message: Krzysztof Halasa: "Re: How to reset pci device"
Previous message: J.A. MagallÃn: "Re: 2.6.17-mm6"
In reply to: Dmitry Torokhov: "Re: [Patch] Off by one in drivers/usb/input/yealink.c"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* Dmitry Torokhov (dtor@xxxxxxxxxxxxx) wrote:
> On Wednesday 05 July 2006 20:49, Eric Sesterhenn / Snakebyte wrote:
> > I looked at this code several times too, and tried to reproduce the bug
> > with the following little program:
> >
> > #include <string.h>
> > int main(int argc, char **argv) {
> > char foo[] = "abcdef";
> > int i = 0;
> >
> > foo[strlen(foo)] = 'X';
> > do {
> > putchar(foo[i]);
> > } while (++i < sizeof(foo));
> > }
> >
> > Which clearly shows that the terminating '\0' gets printed too,
> > replaced by the X for better visibility, so the code
> > runs past the array, or did I fail to replicate the original
> > code somewhere?
> >
>
> What do you mean "the code runs past the array"? The size of array is 7
> (compiler allocates the space for terminating '\0') and the array is
> printed in its entirety.

arg, of course \0 is part of the array, sorry bothering you guys
with this stuff :( Another coverity report i analyzed incorrect... :(

Eric
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Krzysztof Halasa: "Re: How to reset pci device"
Previous message: J.A. MagallÃn: "Re: 2.6.17-mm6"
In reply to: Dmitry Torokhov: "Re: [Patch] Off by one in drivers/usb/input/yealink.c"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]