Date: Wed, 24 Nov 1999 10:19:49 -0500 (EST) From: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> To: Brian Fundakowski Feldman <green@FreeBSD.ORG> Cc: peter.jeremy@alcatel.com.au, Kris Kennaway <kris@hub.freebsd.org>, current@FreeBSD.ORG Subject: Re: FreeBSD security auditing project. Message-ID: <199911241519.KAA29757@khavrinen.lcs.mit.edu> In-Reply-To: <Pine.BSF.4.10.9911232317170.40485-100000@green.dyndns.org> References: <99Nov24.075703est.40331@border.alcanet.com.au> <Pine.BSF.4.10.9911232317170.40485-100000@green.dyndns.org>
next in thread | previous in thread | raw e-mail | index | archive | help
<<On Tue, 23 Nov 1999 23:33:14 -0500 (EST), Brian Fundakowski Feldman <green@FreeBSD.ORG> said: > #define SNPARGS(buf, len) buf + len, sizeof(buf) > len ? sizeof(buf) - len : 0 > char action2[32], proto[47], name[18], fragment[17]; > /* Print command name */ > snprintf(SNPARGS(name, 0), "ipfw: %d", f ? f->fw_number : -1); > Despite the fact that the buffer name[] was made to be exactly the > largest size Exactly the largest size of what? All I see here is a magic number. Perhaps if name[] had been declared thus: #define INTTYPE_NCHARS(t) ((sizeof(t) * 3 * CHAR_BIT + 7) / 8) char name[(sizeof "ipfw: ") + INTTYPE_NCHARS(int)]; ...but even then, if KNF is followed, this declaration might be so far away from the printf format that when the format is modified, the programmer might forget to modify the declaration as well. snprintf is a good thing. -GAWollman -- Garrett A. Wollman | O Siem / We are all family / O Siem / We're all the same wollman@lcs.mit.edu | O Siem / The fires of freedom Opinions not those of| Dance in the burning flame MIT, LCS, CRS, or NSA| - Susan Aglukark and Chad Irschick To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199911241519.KAA29757>