Tito wrote: > > Hi, > by compiling the latest svn i get this warning: > > CC archival/tar.o > archival/tar.c: In function ‘writeFileToTarball’: > archival/tar.c:183: warning: call to __builtin___strcpy_chk will always > overflow destination buffer > AR archival/lib.a > LINK busybox_unstripped > Trying libraries: crypt m > Library crypt is needed > Library m is needed > Final link with: crypt m > > > and after changing the line 183 of tar.c > > - strcpy(hp->magic, "ustar "); > + strcpy(hp->magic, "ustar"); > > there is no segfault due to the fact > that the size of hp->magic is > > char magic[6]; /* 257-262 */ > > [EMAIL PROTECTED]:~/Desktop/busybox# touch a s d > [EMAIL PROTECTED]:~/Desktop/busybox# ./busybox tar cf test.tar a s d > [EMAIL PROTECTED]:~/Desktop/busybox# ls -la test.tar > -rw-r--r-- 1 root root 2560 2007-11-16 14:15 test.tar > > > I cannot say if this fix is correct or if maybe it should be > done the other way by increasing the size of char magic > to 8. > >
hi tito, this is a classical bug. :) i vote for: prevent the next overflow. strncpy(hp->magic, "ustar",sizeof(hp->magic)); re, walter _______________________________________________ busybox mailing list busybox@busybox.net http://busybox.net/cgi-bin/mailman/listinfo/busybox
