From owner-cvs-all Mon Mar 18 7:54:36 2002 Delivered-To: cvs-all@freebsd.org Received: from alcatraz.iptelecom.net.ua (alcatraz.iptelecom.net.ua [212.9.224.15]) by hub.freebsd.org (Postfix) with ESMTP id AA80037B404; Mon, 18 Mar 2002 07:54:13 -0800 (PST) Received: from ipcard.iptcom.net (ipcard.iptcom.net [212.9.224.5]) by alcatraz.iptelecom.net.ua (8.9.3/8.9.3) with ESMTP id RAA20687; Mon, 18 Mar 2002 17:53:18 +0200 (EET) (envelope-from sobomax@FreeBSD.org) Received: from vega.vega.com (h245.234.dialup.iptcom.net [212.9.234.245]) by ipcard.iptcom.net (8.9.3/8.9.3) with ESMTP id RAA23251; Mon, 18 Mar 2002 17:53:15 +0200 (EET) (envelope-from sobomax@FreeBSD.org) Received: from FreeBSD.org (big_brother.vega.com [192.168.1.1]) by vega.vega.com (8.11.6/8.11.3) with ESMTP id g2IFqi101320; Mon, 18 Mar 2002 17:52:44 +0200 (EET) (envelope-from sobomax@FreeBSD.org) Message-ID: <3C960D8E.E89B684F@FreeBSD.org> Date: Mon, 18 Mar 2002 17:53:50 +0200 From: Maxim Sobolev Organization: Vega International Capital X-Mailer: Mozilla 4.79 [en] (Windows NT 5.0; U) X-Accept-Language: en,uk,ru MIME-Version: 1.0 To: Peter Pentchev Cc: Mikhail Teterin , imp@FreeBSD.org, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/libexec/xtend user.c xtend.c References: <20020318141639.B1326@straylight.oblivion.bg> <200203181534.g2IFYN3b020895@aldan.algebra.com> <20020318174145.A10603@straylight.oblivion.bg> Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 7bit Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Peter Pentchev wrote: > > On Mon, Mar 18, 2002 at 10:34:23AM -0500, Mikhail Teterin wrote: > > On 18 Mar, Peter Pentchev wrote: > > > On Sun, Mar 17, 2002 at 11:14:59PM -0800, Warner Losh wrote: > > >> imp 2002/03/17 23:14:59 PST > > >> > > >> Modified files: > > >> libexec/xtend user.c xtend.c > > >> Log: > > >> o MAXPATHLEN is the correct constant to use for path names, it includes > > >> the NULL. > > >> o use snprintf in preference to unchecked strcat in a couple of places that > > >> likely can't overflow. Makes it easier to grep for strcpy :-) > > > > > > /me sprinkles some magic comma dust over the naughty-naughty imp :) > > > [IOW, please try the attached patch :] > > > > Since the X10DIR and X10DUMPNAME are both known at compile time, why not > > > > - snprintf(dumppath, sizeof(dumppath), "%s/%s", X10DIR, X10DUMPNAME); > > + strncpy(dumppath, X10DIR "/" X10DUMPNAME, sizeof(dumppath)); > > > > and so on? (The plain strcpy would do just fine here too, IMO :) > > strncpy() does not null-terminate properly; strcpy() requires attention > from the programmer to make sure that long enough buffers have been > provided. /me hands strlcpy() to roam :) -Maxim To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message