On 15/09/2020 11:02, Aschref Ben-Thabet wrote:
From: Aschref Ben Thabet<aschref.ben-tha...@embedded-brains.de>Replace strcpy with the safer memcpy(). The strcpy() function is designed to work exclusively with strings. strcpy() copies each byte of the source string to the destination string and stops when the terminating null character (\0) has been moved. On the other hand, the memcpy() function is designed to work with any type of data, because not all data ends with a null character, you must provide the memcpy() function with the number of bytes you want to copy from the source to the destination. --- cpukit/libmisc/monitor/mon-editor.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cpukit/libmisc/monitor/mon-editor.c b/cpukit/libmisc/monitor/mon-editor.c index a3b408a14f..e6ead104ca 100644 --- a/cpukit/libmisc/monitor/mon-editor.c +++ b/cpukit/libmisc/monitor/mon-editor.c @@ -339,8 +339,8 @@ rtems_monitor_line_editor ( { int end; int bs; - strcpy (&buffer[pos], &buffer[pos + 1]); - fprintf(stdout,"\r%s $ %s", monitor_prompt, buffer); + memcpy(&buffer[pos], &buffer[pos + 1], strlen(&buffer[pos + 1])); + fprintf(stdout, "\r%s $ %s", monitor_prompt, buffer);
This fix makes no sense. Using strcpy() or memcpy() on overlapping memory areas is undefined behavior.
You probably need an memmove(). Since there are similar issues on other places didn't we discuss to add a helper function to this file?
_______________________________________________ devel mailing list devel@rtems.org http://lists.rtems.org/mailman/listinfo/devel
