Package: strace
Version: 4.5.17+cvs080723-2
Severity: normal
In printstr, the malloc'ed memory for outstr is insufficient if
the string to be printed is longer than max_strlen and is made
of "binary" characters (expanded to \oct). There are two possible
fixes. The worse one I think is to add
if (size == max_strlen+1)
size = max_strlen;
just before the call to string_quote, while the better one is to
limit size to max_stren as provided by the attached patch.
Loïc
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (990, 'testing'), (50, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.29.3 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages strace depends on:
ii libc6 2.9-12 GNU C Library: Shared libraries
strace recommends no packages.
strace suggests no packages.
-- no debconf information
--- strace-4.5.17+cvs080723/util.c.orig 2009-06-02 11:45:26.000000000 +0200
+++ strace-4.5.17+cvs080723/util.c 2009-06-02 11:53:42.000000000 +0200
@@ -549,14 +549,14 @@
}
if (len < 0) {
- size = max_strlen + 1;
+ size = max_strlen;
if (umovestr(tcp, addr, size, str) < 0) {
tprintf("%#lx", addr);
return;
}
}
else {
- size = MIN(len, max_strlen + 1);
+ size = MIN(len, max_strlen);
if (umoven(tcp, addr, size, str) < 0) {
tprintf("%#lx", addr);
return;
