Date: Mon, 15 Jul 2002 12:19:58 -0400 From: Mike Barcroft <mike@FreeBSD.org> To: "M. Warner Losh" <imp@bsdimp.com> Cc: keramida@FreeBSD.ORG, bde@zeta.org.au, des@ofug.org, freebsd-audit@FreeBSD.ORG Subject: Re: bin/ln & WARNS=5 Message-ID: <20020715121958.D64412@espresso.q9media.com> In-Reply-To: <20020715.090420.83279095.imp@bsdimp.com>; from imp@bsdimp.com on Mon, Jul 15, 2002 at 09:04:20AM -0600 References: <xzpele59w21.fsf@flood.ping.uio.no> <20020715202126.S40071-100000@gamplex.bde.org> <20020715111436.GD50130@hades.hell.gr> <20020715.090420.83279095.imp@bsdimp.com>
next in thread | previous in thread | raw e-mail | index | archive | help
M. Warner Losh <imp@bsdimp.com> writes:
> In message: <20020715111436.GD50130@hades.hell.gr>
> Giorgos Keramidas <keramida@FreeBSD.ORG> writes:
> : + if ((pathlen = snprintf(path, sizeof(path), "%s/%s",
> : + source, p)) == -1 || pathlen >= (int)sizeof(path)) {
>
> That's down right stupid.
>
> snprintf never returns a negative number. It always returns the
> number of characters that it would have used to make the string.
C99 standardized -1 as a possible return value for encoding errors.
I'm not sure why the return value is int and not ssize_t though
(probably because C99 doesn't have an ssize_t).
> The code was right before. However, maybe the following is better and
> clearer:
>
> if (strlen(source) + strlen(p) + 1 >= PATH_MAX) {
> ... ETOOLONG stuff
> }
> snprintf(...);
You might just as well use sprintf() at this point.
Best regards,
Mike Barcroft
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-audit" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020715121958.D64412>