Sunday, February 08, 2009

exstr dupms core on lenghty strings

Make messages normally uses exstr to extract strings that needs to be localized. It looks like exstr suffers from buffer overflow vulnerability. It dumps core on Solaris 9 with the following program snippet. exstr doesn't seem to process a lengthy string.


void PrintUsage()
{
    std::cout << "#mycmd -option1 -subopt1 -subopt2 -suboption3 \n\
                         -option2 -subopt1 -sbuopt2 -subopt3 \n\
                         ......................... \n\
                         ......................... \n\
                         -option15 -subopt1 -subopt2"
              << std::endl;
}


In order to generate message strings, I had to break the above snippet into ugly looking pieces - quite bad, I had to split the options mid way.


void PrintUsage()
{
    std::cout << "#mycmd -option1 -subopt1 -subopt2 -suboption3 \n\
                         -option2 -subopt1 -sbuopt2 -subopt3 \n\
                         ......................... \n\
                         .........................\n\
                         -option9 -subopt1 -subopt2";

    std::cout << "       -option10 -subopt1 -subopt2 -suboption3 \n\
                         -option11 -subopt1 -sbuopt2 -subopt3 \n\
                         ......................... \n\
                         .........................\n\
                         -option15 -subopt1 -subopt2";
              << std::endl;
}
Posted by at No comments:
Labels:
Subscribe to: Posts (Atom)