Date: Mon, 18 Mar 2002 17:41:45 +0200 From: Peter Pentchev <roam@ringlet.net> To: Mikhail Teterin <mi@aldan.algebra.com> Cc: imp@FreeBSD.org, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/libexec/xtend user.c xtend.c Message-ID: <20020318174145.A10603@straylight.oblivion.bg> In-Reply-To: <200203181534.g2IFYN3b020895@aldan.algebra.com>; from mi@aldan.algebra.com on Mon, Mar 18, 2002 at 10:34:23AM -0500 References: <20020318141639.B1326@straylight.oblivion.bg> <200203181534.g2IFYN3b020895@aldan.algebra.com>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --] On Mon, Mar 18, 2002 at 10:34:23AM -0500, Mikhail Teterin wrote: > On 18 Mar, Peter Pentchev wrote: > > On Sun, Mar 17, 2002 at 11:14:59PM -0800, Warner Losh wrote: > >> imp 2002/03/17 23:14:59 PST > >> > >> Modified files: > >> libexec/xtend user.c xtend.c > >> Log: > >> o MAXPATHLEN is the correct constant to use for path names, it includes > >> the NULL. > >> o use snprintf in preference to unchecked strcat in a couple of places that > >> likely can't overflow. Makes it easier to grep for strcpy :-) > > > > /me sprinkles some magic comma dust over the naughty-naughty imp :) > > [IOW, please try the attached patch :] > > Since the X10DIR and X10DUMPNAME are both known at compile time, why not > > - snprintf(dumppath, sizeof(dumppath), "%s/%s", X10DIR, X10DUMPNAME); > + strncpy(dumppath, X10DIR "/" X10DUMPNAME, sizeof(dumppath)); > > and so on? (The plain strcpy would do just fine here too, IMO :) strncpy() does not null-terminate properly; strcpy() requires attention from the programmer to make sure that long enough buffers have been provided. snprintf() avoids both of these :) And anyway, the decision to use snprintf() over strcpy() was Warner's -- not that I am trying to evade responsiblity, I fully support it; still, I was just fixing the bugs he introduced in the transition :) G'luck, Peter -- Peter Pentchev roam@ringlet.net roam@FreeBSD.org PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553 What would this sentence be like if it weren't self-referential? [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjyWCrkACgkQ7Ri2jRYZRVPYkgCcCXnsu9I33nj+YAVXrLaieFwv YQkAn3spQWGlcOn6cFCXS2NKaRXksYDB =y25F -----END PGP SIGNATURE-----help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020318174145.A10603>