[omniORB] omniORB4 unterminated string bug in ior.cc
Norrie Quinn
norrie.quinn@tumbleweed.com
Fri Aug 16 03:04:01 2002
A simple bug causing intermittent access violations on Windows for us. The
[] operator on the string does a strlen() on an unterminated string. You
will also find the same bug in tcpEndpoint.cc, tcpAddress.cc, sslEndpoint.cc
and sslAddress.cc.
Regards
Norrie
diff -c -w -r1.1 ior.cc
*** ior.cc 4 Apr 2002 22:48:13 -0000 1.1
--- ior.cc 16 Aug 2002 01:49:44 -0000
***************
*** 660,666 ****
CORBA::ULong hostlen = strchr(host,':') - host;
CORBA::String_var copyhost(CORBA::string_alloc(hostlen));
strncpy(copyhost,host,hostlen);
! copyhost[hostlen] = '\0';
IIOP::Address ssladdr;
ssladdr.host = copyhost._retn();
--- 660,666 ----
CORBA::ULong hostlen = strchr(host,':') - host;
CORBA::String_var copyhost(CORBA::string_alloc(hostlen));
strncpy(copyhost,host,hostlen);
! ((char *)copyhost)[hostlen] = '\0';
IIOP::Address ssladdr;
ssladdr.host = copyhost._retn();