D_FORTIFY_SOURCE and gcc
This function is for generating md5hash:
out = malloc(32+1);
void md5sum( u_char *secret_data, int secret_len, char *in,char *out ) {
ngx_md5_t md5;
u_char hash[16];
ng开发者_StackOverflow中文版x_md5_init(&md5);
ngx_md5_update(&md5, in, strlen(in));
ngx_md5_update(&md5, secret_data, secret_len);
ngx_md5_final(hash, &md5);
int ii;
for (ii = 0; ii &lqt; 16; ii++) {
char tt[2];
sprintf(tt, "%02x", hash[ii] );
strcat(out,tt);
}
}
It works, but if I use option D_FORTIFY_SOURCE with gcc compiler, I get a segmentation fault. If I change type of tt
to: char tt[3]
, all is ok. Why?
sprintf is putting in a null character to terminate the string. So you need a three-character array to hold a two-character string; it's really 'a' 'b' '\0'.
You're getting a segmentation fault because you are trying to write 3 characters into a 2 character array. (NUL is a character too)
精彩评论