Buffer overflow and Crash due to non-'\0' ended string.

[spwlyzx]

What is the point of (seeming deliberately) converting 2 std::string variables to type std::vector<char>, which strips their ending '\0', before passing them to an API which REQUIRES strings are ended with '\0'?

This crashes my code due to buffer read overflow.

My fix is as follows. Is it correct?

--- a/backward.hpp
+++ b/backward.hpp
@@ -1,4 +1,4 @@
-/*
+/*
  * backward.hpp
  * Copyright 2013 Google Inc. All Rights Reserved.
  *
@@ -3627,9 +3627,7 @@ public:
     ret.image_name = temp;
     GetModuleBaseNameA(process, module, temp, sizeof(temp));
     ret.module_name = temp;
-    std::vector<char> img(ret.image_name.begin(), ret.image_name.end());
-    std::vector<char> mod(ret.module_name.begin(), ret.module_name.end());
-    SymLoadModule64(process, 0, &img[0], &mod[0], (DWORD64)ret.base_address,
+    SymLoadModule64(process, 0, ret.image_name.c_str(), ret.module_name.c_str(), (DWORD64)ret.base_address,
                     ret.load_size);
     return ret;
   }

[bombela]

Agreed this is weird. I have no idea why this landed here without me noticing either. Your fix looks good, feel free to send a PR.

…

On Tue, Nov 11, 2025, 21:00 Daniel ***@***.***> wrote: *spwlyzx* created an issue (bombela/backward-cpp#360) <#360> What is the point of (seeming deliberately) converting 2 std::string variables to type std::vector<char>, which strips their ending '\0', before passing them to an API which REQUIRES strings are ended with '\0'? This crashes my code due to buffer read overflow. My fix is as follows. Is it correct? --- a/backward.hpp +++ b/backward.hpp @@ -1,4 +1,4 @@ -/* +/* * backward.hpp * Copyright 2013 Google Inc. All Rights Reserved. * @@ -3627,9 +3627,7 @@ public: ret.image_name = temp; GetModuleBaseNameA(process, module, temp, sizeof(temp)); ret.module_name = temp; - std::vector<char> img(ret.image_name.begin(), ret.image_name.end()); - std::vector<char> mod(ret.module_name.begin(), ret.module_name.end()); - SymLoadModule64(process, 0, &img[0], &mod[0], (DWORD64)ret.base_address, + SymLoadModule64(process, 0, ret.image_name.c_str(), ret.module_name.c_str(), (DWORD64)ret.base_address, ret.load_size); return ret; } — Reply to this email directly, view it on GitHub <#360>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AABUZDFCABQ2MO7VHTVU4UD34HFW5AVCNFSM6AAAAACLYPQZAWVHI2DSMVQWIX3LMV43ASLTON2WKOZTGYYTEMBQHA3TGMI> . You are receiving this because you are subscribed to this thread.Message ID: ***@***.***>

[spwlyzx]

Thank you for replying! I'm glad you found the suggested change helpful.

Unfortunately, due to company policies and restrictions on my end, I'm not able to submit a pull request from my work environment. Would it be possible for you to apply the proposed changes yourself?

[bombela]

Sure, seems small enough. To clear up any misunderstanding as I am curious. Your employer uses backward-cpp; an MIT licensed open source library; and presumably; most likely indirectly; makes money with it. They paid you to debug it, write a fix, and send it via an issue request. But they forbid you to send a proper commit?

…

On Thu, Nov 20, 2025, 21:57 Daniel ***@***.***> wrote: *spwlyzx* left a comment (bombela/backward-cpp#360) <#360 (comment)> Thank you for replying! I'm glad you found the suggested change helpful. Unfortunately, due to company policies and restrictions on my end, I'm not able to submit a pull request from my work environment. Would it be possible for you to apply the proposed changes yourself? — Reply to this email directly, view it on GitHub <#360 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AABUZDCFQA4KK36GW5E4WDD35W3EBAVCNFSM6AAAAACLYPQZAWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZTKNJXHEZDGMZZGU> . You are receiving this because you commented.Message ID: ***@***.***>