Date: Tue, 24 Nov 1998 00:41:56 -0800 (PST)
From: Archie Cobbs <archie@whistle.com>
To: bde@zeta.org.au (Bruce Evans)
Cc: dillon@apollo.backplane.com, freebsd-current@FreeBSD.ORG, grog@lemis.com, rnordier@nordier.com
Subject: Re: snprintf() in the kernel
Message-ID: <199811240841.AAA03369@bubba.whistle.com>
In-Reply-To: <199811240741.SAA17412@godzilla.zeta.org.au> from Bruce Evans at "Nov 24, 98 06:41:35 pm"

Bruce Evans writes:
> >Thanks to those who checked out the snprintf() patches. "Rev 2" is now
> >available in ftp://ftp.whistle.com/pub/archie/misc. I took out
> >a bunch of strncpy() patches and tweaked a couple of other things.
>
> It would be better without any strncpy() patches.

Well, it's certainly easy enough to take them out.. however, some are
bug fixes...

For example, if a function takes a string argument, when can you
assume an upper bound on how long the string is? If you "know" it
can't be too long then sure, you don't need to check. But unless
that's obvious by looking at it (with someone else's eyes, someone
who didn't write the code) then for maintainability's sake why not
just be safe...? Especially if someone else wanted to change strings
and or buffer sizes later. Eg, on alpha a printed "long" may be
longer than 10 characters or whatever.

When it comes to maintainability, the less dependent things you
have to change (and by implication, know about) in order to make
a single change, the better..

Of the strncpy() replacements, there are three categories:

 - "Possibly unterminated string", where one is required:

	netatm/spans/spans_print.c
	netatm/uni/uniarp_cache.c
	pc98/pc98/diskslice_machdep.c
	pci/pci_compat.c

 - "Simplification" (eg, replacing constants like "16" with sizeof())
   with otherwise no functional effect (including strncpy()'s zero'ing
   out of the buffer):

	i386/ibcs2/ibcs2_stat.c
	i386/ibcs2/ibcs2_xenix.c
	i386/linux/linux_misc.c
	netinet/ip_divert.c

 - "Gratuitous" (?)

	alpha/tc/tcds.c
	dev/dpt/dpt_control.c
	kern/subr_devstat.c
	netatm/atm_aal5.c
	netatm/atm_socket.c

Tell me which (or all) of these you don't want and I'll take them out;
however my instinct would say to keep the first two sets.

If it's performance you're thinking about, my general assumption is
that string manipulation in the kernel is uncommon, but that could
be wrong.

Thanks for reviewing :-)

-Archie

___________________________________________________________________________
Archie Cobbs   *   Whistle Communications, Inc.  *   http://www.whistle.com

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
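
An added example, not part of the message above or of the patch set it discusses: a userland C sketch of the two strncpy() behaviours the message's categories turn on, a missing terminator when the source fills the buffer and zero-filling of the remainder, next to a snprintf() copy. The helper names and the 16-byte field are hypothetical, and libc's snprintf() stands in for a kernel one.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helpers for illustration; userland libc stands in for the kernel. */

/* 1 if buf holds a NUL somewhere in its n bytes (never reads past n). */
static int is_terminated(const char *buf, size_t n)
{
    return memchr(buf, '\0', n) != NULL;
}

/* 1 if every byte of buf[from..n-1] is zero. */
static int tail_is_zero(const char *buf, size_t n, size_t from)
{
    for (size_t i = from; i < n; i++)
        if (buf[i] != '\0')
            return 0;
    return 1;
}

/* Bare strncpy(): returns 1 if dst ended up terminated, 0 if not. */
static int copy_bare(char *dst, size_t dstsize, const char *src)
{
    strncpy(dst, src, dstsize);
    return is_terminated(dst, dstsize);
}

/* snprintf(): always terminates; returns 1 if src fit, 0 if truncated. */
static int copy_bounded(char *dst, size_t dstsize, const char *src)
{
    int n = snprintf(dst, dstsize, "%s", src);
    return n >= 0 && (size_t)n < dstsize;
}

int main(void)
{
    char name[16];                            /* constructed 16-byte field */
    const char *exact = "0123456789abcdef";   /* 16 chars: no room for NUL */

    printf("strncpy  terminated: %d\n", copy_bare(name, sizeof(name), exact));
    printf("snprintf fit:        %d\n", copy_bounded(name, sizeof(name), exact));
    printf("snprintf result:     \"%s\"\n", name);

    memset(name, 'X', sizeof(name));
    copy_bare(name, sizeof(name), "short");
    printf("strncpy  zero tail:  %d\n", tail_is_zero(name, sizeof(name), 5));
    memset(name, 'X', sizeof(name));
    copy_bounded(name, sizeof(name), "short");
    printf("snprintf zero tail:  %d\n", tail_is_zero(name, sizeof(name), 5));
    return 0;
}
```

The last two lines of output differ: strncpy() clears the rest of the field while snprintf() leaves the old bytes after the terminator, which is the "zero'ing out of the buffer" side effect a replacement has to account for.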