Re: [SR-Users] [PATCH] pv: make set_var_value handle overlapping memory

set_var_value() may do memory corruption when a variable is set to the substring of the same variable, this is atleast the case with the s.substr, s.select, s.strip and s.striptail transformation functions which just updates the pointer to its input buffer. As an example, this would trigger a warning in valgrind and memory corruption because the memory areas overlap: $var(x) = $(var(x){s.substr,1,0}); Fix this by using memove() to do the copying instead of strncpy(), also fix the add_var() function, there is no point in using strncpy when we allready know the length of the variable so use memcpy() instead. --- modules/pv/pv_svar.c | 7 +++++-- 1 files changed, 5 insertions(+), 2 deletions(-) diff --git a/modules/pv/pv_svar.c b/modules/pv/pv_svar.c index bb76a1d..7ea01d0 100644 --- a/modules/pv/pv_svar.c +++ b/modules/pv/pv_svar.c @@ -66,7 +66,7 @@ script_var_t* add_var(str *name) return 0; } it->name.len = name->len; - strncpy(it->name.s, name->s, name->len); + memcpy(it->name.s, name->s, name->len); it->name.s[it->name.len] = '\0'; it->next = script_vars; @@ -119,7 +119,10 @@ script_var_t* set_var_value(script_var_t* var, int_str *value, int flags) } var->v.flags |= VAR_VAL_STR; } - strncpy(var->v.value.s.s, value->s.s, value->s.len); + if (var->v.value.s.s != value->s.s) + { + memmove(var->v.value.s.s, value->s.s, value->s.len); + } var->v.value.s.len = value->s.len; var->v.value.s.s[value->s.len] = '\0'; } else {