| 1 |
Hi lee |
| 2 |
|
| 3 |
On 2015-12-29, lee wrote: |
| 4 |
|
| 5 |
> When you perform a strcpy() and overflow the destination buffer, you are |
| 6 |
> supposed to experience a segmentation fault. It shouldn't matter |
| 7 |
> whether you run a hardened profile or not for detecting these. |
| 8 |
|
| 9 |
Ok. Thanks for the explanation. |
| 10 |
|
| 11 |
> I imagine it was discovered that a segmentation fault did occur, and |
| 12 |
> that it inevitably would occur --- since gcc tells you that one will |
| 13 |
> occur when using __builtin___strcpy_chk() --- and the application was |
| 14 |
> terminated. Otherwise, the test would have been unsuccessful. |
| 15 |
|
| 16 |
Ok. |
| 17 |
|
| 18 |
> Whether this is a bug or not depends on what you're supposed to expect, |
| 19 |
> which I don't know. If someone would run the test suite on a |
| 20 |
> non-hardened profile and got the same warning from gcc, but vim wouldn't |
| 21 |
> be terminated when the segmentation fault occurs, then I'd be worried. |
| 22 |
|
| 23 |
Ok. Well, I don't know either what to expect. I haven't got |
| 24 |
enough knowledge to analyse this. I posted it here because I |
| 25 |
was told so ;-) |
| 26 |
|
| 27 |
-- |
| 28 |
Greetings |
| 29 |
Elias |
Archives