You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The problem occurs when the source string, arg_label, is longer than SharedAllocationHeader::maximum_label_length. Of course strncpy() does what it's supposed to do and only copies the first SharedAllocationHeader::maximum_label_length chars out of arg_label.c_str(), but what it doesn't do is null terminate the c string pointed to by RecordBase::m_alloc_ptr->m_label when arg_label is longer than the maximum. Later on another member function, get_label(), is invoked to return the string but it creates a value to return as a std::string using a ctor that takes m_label above as an argument. Unfortunately that particular std::string ctor assumes it's argument, in this case m_label, is null terminated. Since it's not in the case I describe here an overflow occurs.
I've run across what I believe is a bug in Kokkos. Specifically in the function within Kokkos_HostSpace.cpp
In that function there is an invocation of strncpy() as follows:
The problem occurs when the source string, arg_label, is longer than SharedAllocationHeader::maximum_label_length. Of course strncpy() does what it's supposed to do and only copies the first SharedAllocationHeader::maximum_label_length chars out of arg_label.c_str(), but what it doesn't do is null terminate the c string pointed to by RecordBase::m_alloc_ptr->m_label when arg_label is longer than the maximum. Later on another member function, get_label(), is invoked to return the string but it creates a value to return as a std::string using a ctor that takes m_label above as an argument. Unfortunately that particular std::string ctor assumes it's argument, in this case m_label, is null terminated. Since it's not in the case I describe here an overflow occurs.
One possible fix would be:
But I'm not fully aware of what the consequences of this "fix" might be on other parts of the code.
The text was updated successfully, but these errors were encountered: