Date: Thu, 30 Aug 2001 17:27:51 +0100 From: Brian Somers <brian@Awfulhak.org> To: Mike Barcroft <mike@FreeBSD.org> Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org, brian@freebsd-services.com Subject: Re: cvs commit: src/usr.bin/ftp util.c Message-ID: <200108301627.f7UGRpf07792@hak.lan.Awfulhak.org> In-Reply-To: Message from Mike Barcroft <mike@FreeBSD.org> of "Wed, 29 Aug 2001 16:51:14 PDT." <200108292351.f7TNpEx25148@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> mike 2001/08/29 16:51:14 PDT
>
> Modified files:
> usr.bin/ftp util.c
> Log:
> o Fix some checks on snprintf(3) to prevent miscalculations.
> o This fixes a memory leak that can occur on some URL's.
>
> Pointy hat to: brian
>
> Revision Changes Path
> 1.21 +9 -5 src/usr.bin/ftp/util.c
I don't think this fix is correct, it duplicates the checking of `n'
too many times and overlooks the real bug (although avoiding it in
the normal case). The correct fix (relative to util.c 1.20) is:
Index: util.c
===================================================================
RCS file: /home/ncvs/src/usr.bin/ftp/util.c,v
retrieving revision 1.20
diff -u -r1.20 util.c
--- util.c 2001/08/23 12:53:15 1.20
+++ util.c 2001/08/30 16:23:39
@@ -690,7 +690,7 @@
if (n > 0 && n < sizeof(buf) - len)
len += n;
i = remaining % SECSPERHOUR;
- len += snprintf(buf + len, sizeof(buf) - len,
+ n = snprintf(buf + len, sizeof(buf) - len,
"%02d:%02d ETA", i / 60, i % 60);
}
}
--
Brian <brian@freebsd-services.com> <brian@Awfulhak.org>
http://www.freebsd-services.com/ <brian@[uk.]FreeBSD.org>
Don't _EVER_ lose your sense of humour ! <brian@[uk.]OpenBSD.org>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200108301627.f7UGRpf07792>