https://sourceware.org/bugzilla/show_bug.cgi?id=20499
--- Comment #4 from Nick Clifton <nickc at redhat dot com> --- Created attachment 9468 --> https://sourceware.org/bugzilla/attachment.cgi?id=9468&action=edit Proposed patch In reply to Tobias Stoeckmann from comment #3) Hi Tobias, > The variable "name" is malloc()ed, so the content cannot be guaranteed to be > nul-terminated after first iteration (scanf fails, of course). Actually the sscanf ought to seg-fault, although you are right, it porbably wont. What do you think of this potential patch ? It fixes the sscanf calls so that a maximum buffer width is used. sscanf will ensure that the returned string is NULL terminated, so the strlen should then work. Cheers Nick PS. I think that it would be better to use a #define'd constant for BUFSIZ and a related macro to create the sscanf format string. That way if someone wants to change BUFSIZE in the future they will not have to worry about updating the sscanf format as well. -- You are receiving this mail because: You are on the CC list for the bug. _______________________________________________ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils