70225 – sandbox_pids_file code in sandbox needs love.

Bug 70225 - sandbox_pids_file code in sandbox needs love.

Summary: sandbox_pids_file code in sandbox needs love.

Status:	RESOLVED FIXED

Alias:	None

Product:	Portage Development
Classification:	Unclassified
Component:	Sandbox (show other bugs)
Hardware:	All All

Importance:	High normal (vote)
Assignee:	Portage team

URL:
Whiteboard:
Keywords:	InVCS

Depends on:
Blocks:

Reported:	2004-11-06 01:05 UTC by Mr. Bones. (RETIRED)
Modified:	2005-03-08 23:41 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Mr. Bones. (RETIRED) gentoo-dev

2004-11-06 01:05:51 UTC

sandbox_pids_file isn't initialized so if get_sandbox_pids_file() returns a string
that's >=254 sandbox_pids_file might not be null terminated.

        char sandbox_pids_file[255];

        tmp_string = get_sandbox_pids_file();
        strncpy(sandbox_pids_file, tmp_string, sizeof(sandbox_pids_file)-1);

later on in the file:

                tmp_string = get_sandbox_pids_file();
                strncpy(sandbox_pids_file, tmp_string, 254);

The magic constant is a disaster waiting to happen.

Both cases probably should just use the pointer from get_sandbox_pids_file() directly and just free it when they're done instead of putting it into a static array.

Comment 1 Brian Harring (RETIRED) gentoo-dev

2004-11-14 22:27:57 UTC

in portage cvs atm, please test.

Comment 2 Brian Harring (RETIRED) gentoo-dev

2005-03-08 23:41:25 UTC

Went out a while back...