D_FORTIFY_SOURCE and gcc

Question

D_FORTIFY_SOURCE and gcc

This function is intended to generate md5hash:

out = malloc(32+1);
void md5sum( u_char *secret_data, int secret_len, char *in,char *out ) {
        ngx_md5_t       md5;
        u_char hash[16];
        ngx_md5_init(&md5);
        ngx_md5_update(&md5, in, strlen(in));
        ngx_md5_update(&md5, secret_data, secret_len);
        ngx_md5_final(hash, &md5);
        int ii;
        for (ii = 0; ii &lqt; 16; ii++) {
                char tt[2];
                sprintf(tt, "%02x", hash[ii] );
                strcat(out,tt);

        }
}

This works, but if I use the D_FORTIFY_SOURCE option with the gcc compiler, I get a segmentation error. If I change the type ttto:, char tt[3]everything is fine. Why?

+3

c gcc

Lll 12 sept '10 at 15:31

source share

2 answers

Borealid · Answer 1 · 2010-09-12T15:54:14+0000

sprintf places a null character to end the string. Therefore, you need a three-character array to store a two-character string; it really is 'a' 'b' '\ 0'.

Hasturkun · Answer 2 · 2010-09-12T15:53:30+0000

You get a segmentation error because you are trying to write 3 characters to an array of 2 characters. (NUL is also a symbol)

D_FORTIFY_SOURCE and gcc

More articles: