[ccache] orig_args->argv overrun in args.c:args_strip()
Tim Noell
tnoell at lexmark.com
Wed Jul 20 16:32:36 GMT 2005
Hi ccache List:
First, thanks for a wonderful tool!
(Sorry if someone has already reported this ... I did a quick visual
search of the mailing list archives and didn't see it ...)
I've started using the --ccache-skip flag to omit some project specific
paths from the hash, and found a problem in args.c:args_strip().
Namely, the size of the memmove is argc, but this is incorrect - the
number of argv entries to be moved is argc - i (enough to move all
remaining args and the NULL termination arg). As the code is, this bug
causes an overflow in orig_args->argv when --ccache-skip is used.
Patch against 2.4 below.
Best Regards,
Tim Noell
Lexmark International, Inc.
% diff -Naurw ccache-2.4/args.c.r286 ccache-2.4/args.c
--- ccache-2.4/args.c.r286 2005-07-20 12:30:53.000000000 -0400
+++ ccache-2.4/args.c 2005-07-20 12:16:26.000000000 -0400
@@ -82,7 +82,7 @@
free(args->argv[i]);
memmove(&args->argv[i],
&args->argv[i+1],
- args->argc * sizeof(args->argv[i]));
+ (args->argc - i) * sizeof(args->argv[i]));
args->argc--;
} else {
i++;
More information about the ccache
mailing list