From patchwork Thu Sep 1 17:52:19 2011 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Cheng Renquan X-Patchwork-Id: 1120162 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by demeter2.kernel.org (8.14.4/8.14.4) with ESMTP id p81Hs85C016137 for ; Thu, 1 Sep 2011 17:54:08 GMT Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1757035Ab1IARxT (ORCPT ); Thu, 1 Sep 2011 13:53:19 -0400 Received: from mail-pz0-f42.google.com ([209.85.210.42]:49118 "EHLO mail-pz0-f42.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1755244Ab1IARxS (ORCPT ); Thu, 1 Sep 2011 13:53:18 -0400 Received: by pzk37 with SMTP id 37so3318485pzk.1 for ; Thu, 01 Sep 2011 10:53:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=from:to:cc:subject:date:message-id:x-mailer:in-reply-to:references; bh=xtUoKiptsfHSdGYG/KiN7yH05IjTeSMJxte01TxQ4RA=; b=who/M+n+utZl2yUrJusMdcUNffyVP+8e6q7KvgD+1EIShQV5T1pT+Qm+zfzjm1WjAA lVS1uaLBOBN+GO8skz4IBYKnI69puDXSEn+eEjX02jQC0YGJg2z0VmAH/sAOVYGpRPes nKl2vcZK0Fcp9EJMUyP+psnH13c+VDJV5M4lE= Received: by 10.68.22.200 with SMTP id g8mr416234pbf.283.1314899598019; Thu, 01 Sep 2011 10:53:18 -0700 (PDT) Received: from localhost.localdomain ([67.188.70.153]) by mx.google.com with ESMTPS id u2sm4649348pbq.9.2011.09.01.10.53.14 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 01 Sep 2011 10:53:16 -0700 (PDT) From: crquan@gmail.com To: linux-kbuild@vger.kernel.org, Arnaud Lacombe Cc: Sam Ravnborg , Michal Marek , Nir Tzachar , Randy Dunlap , linux-kernel@vger.kernel.org, c.rq541@comcast.net Subject: [PATCH V3 2/5] scripts/kconfig/nconf: fix memmove's length arg Date: Thu, 1 Sep 2011 10:52:19 -0700 Message-Id: <1314899542-5848-2-git-send-email-crquan@gmail.com> X-Mailer: git-send-email 1.7.6 In-Reply-To: <1314899542-5848-1-git-send-email-crquan@gmail.com> References: <1314899542-5848-1-git-send-email-crquan@gmail.com> Sender: linux-kbuild-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kbuild@vger.kernel.org X-Greylist: IP, sender and recipient auto-whitelisted, not delayed by milter-greylist-4.2.6 (demeter2.kernel.org [140.211.167.43]); Thu, 01 Sep 2011 17:54:09 +0000 (UTC) From: Cheng Renquan In case KEY_BACKSPACE / KEY_DC to delete a char, it memmove only (len-cursor_position+1) bytes; the default case is to insert a char, it should also memmove exactly (len-cursor_position+1) bytes; the original use of (len+1) is wrong and may access following memory that doesn't belong to result, may cause SegFault in theory; case KEY_BACKSPACE: if (cursor_position > 0) { memmove(&result[cursor_position-1], &result[cursor_position], len-cursor_position+1); cursor_position--; } break; case KEY_DC: if (cursor_position >= 0 && cursor_position < len) { memmove(&result[cursor_position], &result[cursor_position+1], len-cursor_position+1); } break; default: if ((isgraph(res) || isspace(res)) && len-2 < result_len) { /* insert the char at the proper position */ memmove(&result[cursor_position+1], &result[cursor_position], len-cursor_position+1); result[cursor_position] = res; cursor_position++; } Signed-off-by: Cheng Renquan Acked-by: Nir Tzachar --- scripts/kconfig/nconf.gui.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/scripts/kconfig/nconf.gui.c b/scripts/kconfig/nconf.gui.c index d3af04e..3ce2a7c 100644 --- a/scripts/kconfig/nconf.gui.c +++ b/scripts/kconfig/nconf.gui.c @@ -457,7 +457,7 @@ int dialog_inputbox(WINDOW *main_window, /* insert the char at the proper position */ memmove(&result[cursor_position+1], &result[cursor_position], - len+1); + len-cursor_position+1); result[cursor_position] = res; cursor_position++; } else {