Date: Mon, 15 Jul 2002 14:14:36 +0300
From: Giorgos Keramidas
To: Bruce Evans
Cc: Dag-Erling Smorgrav, freebsd-audit@FreeBSD.org
Subject: Re: bin/ln & WARNS=5

On 2002-07-15 20:25 +0000, Bruce Evans wrote:
> On 15 Jul 2002, Dag-Erling Smorgrav wrote:
>
> > Giorgos Keramidas writes:
> > > The following allows me to build bin/ln with WARNS=5 on i386.
> > > Does it look OK, or have I missed something important?
> >
> > I'd rather cast sizeof to int.
>
> That would break the possibly-intentional check for snprintf() failing.
> (size_t)-1 >= sizeof(path), but !(-1 >= (int)sizeof(path)).

My intuition was that size_t being unsigned won't require truncation
of the (int) return value... But if one wanted to explicitly make
both a check for (-1) and the return value being less than the size of
the buffer would the following be more proper?

%%% Index: ln.c =================================================================== RCS file: /home/ncvs/src/bin/ln/ln.c,v retrieving revision 1.28 diff -u -r1.28 ln.c --- ln.c 30 Jun 2002 05:13:54 -0000 1.28 +++ ln.c 15 Jul 2002 11:12:13 -0000 @@ -163,6 +163,7 @@ const char *p; int ch, exists, first; char path[PATH_MAX]; + int pathlen; if (!sflag) { /* If target doesn't exist, quit now. */
@@ -189,8 +190,8 @@ p = target; else ++p; - if (snprintf(path, sizeof(path), "%s/%s", source, p) >= - sizeof(path)) { + if ((pathlen = snprintf(path, sizeof(path), "%s/%s", + source, p)) == -1 || pathlen >= (int)sizeof(path)) { errno = ENAMETOOLONG; warn("%s", target); return (1); %%%
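
Review bot: in the first hunk (@@ -163,6 +163,7 @@), `int pathlen;` is declared on its own line after `char path[PATH_MAX];` although an `int` declaration line already sits directly above the array. Adding it there (`int ch, exists, first, pathlen;`) keeps the declarations grouped by type and avoids the extra line.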
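
Review bot: in the second hunk (@@ -189,8 +190,8 @@), the failure test `== -1` is narrower than what snprintf() is specified to return on error, which is a negative value; `pathlen < 0 || pathlen >= (int)sizeof(path)` covers every error return and reads more directly. Both outcomes also fall into the same branch that sets errno to ENAMETOOLONG, so a failed snprintf() is reported to the user as a name that is too long; if that distinction matters, leave errno untouched in the failure case. Moving the assignment to pathlen out of the condition into its own statement would make the two tests easier to read.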
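
The comparison Bruce Evans describes above, as an added example that is not part of the original thread or of ln.c: the three forms of the check applied to a result that fits, a truncated result and a simulated -1 return. The helper names, the 16-byte buffer and the sample paths are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Each check returns 1 when it rejects n (the value snprintf() returned). */

/* Original form: n is converted to size_t, so -1 becomes SIZE_MAX. */
static int check_unsigned(int n, size_t bufsize)
{
    return ((size_t)n >= bufsize);
}

/* "Cast sizeof to int": signed comparison, so -1 is accepted. */
static int check_cast_sizeof(int n, size_t bufsize)
{
    return (n >= (int)bufsize);
}

/* Explicit form: test for failure first, then for truncation. */
static int check_explicit(int n, size_t bufsize)
{
    return (n < 0 || n >= (int)bufsize);
}

/* Build "source/p" and return what snprintf() reports. */
static int join_path(char *buf, size_t bufsize, const char *source, const char *p)
{
    return (snprintf(buf, bufsize, "%s/%s", source, p));
}

int main(void)
{
    char path[16];  /* constructed: tiny stand-in for PATH_MAX */
    const char *names[] = { "fits", "truncated", "failed" };
    int vals[3];
    size_t i;

    vals[0] = join_path(path, sizeof(path), "/tmp", "a");
    vals[1] = join_path(path, sizeof(path), "/tmp/long/dir", "filename");
    vals[2] = -1;   /* constructed: simulated snprintf() failure */
    for (i = 0; i < 3; i++)
        printf("%-9s n=%2d unsigned=%d cast=%d explicit=%d\n",
            names[i], vals[i],
            check_unsigned(vals[i], sizeof(path)),
            check_cast_sizeof(vals[i], sizeof(path)),
            check_explicit(vals[i], sizeof(path)));
    return (0);
}
```

Only the middle check lets the -1 row through, which is the breakage pointed out in the quoted reply.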