New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Instrumented `gets` implementation broken? #6518

Open

hbrodin opened this issue Nov 25, 2022 · 0 comments

Collaborator

hbrodin commented Nov 25, 2022

The wrapper for gets is defined here:
https://github.com/trailofbits/polytracker/blob/master/polytracker/src/taint_sources/taint_sources.cpp#L315-L318

EXT_C_FUNC char *__dfsw_gets(char *str, dfsan_label str_label,
                             dfsan_label *ret_label) {
  long offset = ftell(stdin);
  char *ret = fgets(str, sizeof str, stdin);

It seems to be broken as it is forwarding to fgets with a sizeof str, where str is char* which would mean eight bytes typically.

When I tried to add a test case to verify, it fails to build:

error: use of undeclared identifier 'gets'

gets is removed since C11/C++14 IIUC. Suggestion: Remove the gets-wrapper.

The text was updated successfully, but these errors were encountered:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment