Ethereal-dev: Re: [Ethereal-dev] array subscript out of range

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Guy Harris <gharris@xxxxxxxxx>
Date: Tue, 21 Dec 2004 11:40:19 -0800
Radek Vokal wrote:

The source code is

        p_conv_data->method[MAX_T38_SETUP_METHOD_SIZE] = '\0';

Suggest
        p_conv_data->method[MAX_T38_SETUP_METHOD_SIZE - 1] = '\0';

might be better code.

Defining "method" to have MAX_T38_SETUP_METHOD_SIZE+1 elements might be better, as that'd make it clear that MAX_T38_SETUP_METHOD_SIZE is the maximum number of characters in the string, not counting the '\0'. It should perhaps be defined as 7, rather than 8, to avoid wasting 3 pad bytes.

The same applies to the RTP and RTCP dissectors. I've checked in a change to fix those in a similar fashion, as well as making "method" have MAX_T38_SETUP_METHOD_SIZE+1 elements (and to back out the packet-t38.c change, as it's not necessary if "method" has MAX_T38_SETUP_METHOD_SIZE+1 elements).

Should we be using "strlcpy()", instead, for these purposes? Its API is a bit clearer, perhaps avoiding those problems. We'd supply our own "strlcpy()" on platforms that lack it (just as tcpdump does).