[CWB] [ cwb-Bugs-3058717 ] cl_string_canonical: risk of buffer
overflow
SourceForge.net
noreply at sourceforge.net
Mon Aug 1 00:55:23 CEST 2011
Bugs item #3058717, was opened at 2010-09-03 11:00
Message generated for change (Settings changed) made by andrewhardie
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=722303&aid=3058717&group_id=131809
Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: CL low-level library
>Group: TODO-3.5
Status: Open
Resolution: None
Priority: 7
Private: No
Submitted By: Andrew Hardie (andrewhardie)
Assigned to: Andrew Hardie (andrewhardie)
Summary: cl_string_canonical: risk of buffer overflow
Initial Comment:
cl_string_canonical currently modifies strings in situ. It will be more convenient for it to always return a newly allocated string unless specifically instructed.
char *
cl_string_canonical(char *s, CorpusCharset charset, int flags, size_t inplace_bufsize)
If inplace_bufsize == 0 (or negative), a newly allocated string is returned.
If inplace_bufsize > 0, s is modified in-place up to a maximum size of inplace_bufsize-1 characters (plus NUL terminator). If the normalised string doesn't fit into the buffer, the extra characters are dropped silently. For UTF-8 strings, the result allocated by Glib is copied to s (dropping characters that don't fit) and then free'd, as in the current implementation.
This will break backwards compartibiltiy of the CL.
----------------------------------------------------------------------
>Comment By: Andrew Hardie (andrewhardie)
Date: 2011-07-31 22:55
Message:
I have flagged this as a 3.5 issue, but because of the compatibility
issues, 4.0 might be better
----------------------------------------------------------------------
Comment By: Andrew Hardie (andrewhardie)
Date: 2010-09-03 11:02
Message:
http://cwb.svn.sourceforge.net/viewvc/cwb/cwb/trunk/doc/html/special-chars_8c.html#a708281d7f482a1999c70df6c353d66e1
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=722303&aid=3058717&group_id=131809
More information about the CWB
mailing list