From: Jérémie Galarneau Date: Thu, 20 Aug 2020 19:38:18 +0000 (-0400) Subject: Fix: memcpy used on potentially overlapping regions X-Git-Tag: v2.12.3~15 X-Git-Url: https://git.lttng.org./?a=commitdiff_plain;h=978644d78122d6ece6f98f2ae3f365aa3e8cb929;p=lttng-tools.git Fix: memcpy used on potentially overlapping regions Caught by reviewing unrelated code, these two uses of memcpy can operate on overlapping buffers. I checked all other uses of "raw" memcpy and those appear safe. Signed-off-by: Jérémie Galarneau Change-Id: I72b1204bc52a92015042adb6a67b022d140f5b4e --- diff --git a/src/bin/lttng-sessiond/notification-thread-events.c b/src/bin/lttng-sessiond/notification-thread-events.c index 9660f9aad..b078b5933 100644 --- a/src/bin/lttng-sessiond/notification-thread-events.c +++ b/src/bin/lttng-sessiond/notification-thread-events.c @@ -2569,7 +2569,7 @@ int client_flush_outgoing_queue(struct notification_client *client, client->socket); to_send_count -= max(ret, 0); - memcpy(client->communication.outbound.buffer.data, + memmove(client->communication.outbound.buffer.data, client->communication.outbound.buffer.data + client->communication.outbound.buffer.size - to_send_count, to_send_count); diff --git a/src/common/utils.c b/src/common/utils.c index d6c67bb0f..2f587bc7c 100644 --- a/src/common/utils.c +++ b/src/common/utils.c @@ -294,7 +294,7 @@ int expand_double_slashes_dot_and_dotdot(char *path) * Copy the current token which is neither a '.' nor a '..'. */ path[expanded_path_len++] = '/'; - memcpy(&path[expanded_path_len], curr_char, curr_token_len); + memmove(&path[expanded_path_len], curr_char, curr_token_len); expanded_path_len += curr_token_len; }