Date: Mon, 18 Mar 2002 17:53:50 +0200 From: Maxim Sobolev <sobomax@FreeBSD.org> To: Peter Pentchev <roam@ringlet.net> Cc: Mikhail Teterin <mi@aldan.algebra.com>, imp@FreeBSD.org, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/libexec/xtend user.c xtend.c Message-ID: <3C960D8E.E89B684F@FreeBSD.org> References: <20020318141639.B1326@straylight.oblivion.bg> <200203181534.g2IFYN3b020895@aldan.algebra.com> <20020318174145.A10603@straylight.oblivion.bg>
next in thread | previous in thread | raw e-mail | index | archive | help
Peter Pentchev wrote: > > On Mon, Mar 18, 2002 at 10:34:23AM -0500, Mikhail Teterin wrote: > > On 18 Mar, Peter Pentchev wrote: > > > On Sun, Mar 17, 2002 at 11:14:59PM -0800, Warner Losh wrote: > > >> imp 2002/03/17 23:14:59 PST > > >> > > >> Modified files: > > >> libexec/xtend user.c xtend.c > > >> Log: > > >> o MAXPATHLEN is the correct constant to use for path names, it includes > > >> the NULL. > > >> o use snprintf in preference to unchecked strcat in a couple of places that > > >> likely can't overflow. Makes it easier to grep for strcpy :-) > > > > > > /me sprinkles some magic comma dust over the naughty-naughty imp :) > > > [IOW, please try the attached patch :] > > > > Since the X10DIR and X10DUMPNAME are both known at compile time, why not > > > > - snprintf(dumppath, sizeof(dumppath), "%s/%s", X10DIR, X10DUMPNAME); > > + strncpy(dumppath, X10DIR "/" X10DUMPNAME, sizeof(dumppath)); > > > > and so on? (The plain strcpy would do just fine here too, IMO :) > > strncpy() does not null-terminate properly; strcpy() requires attention > from the programmer to make sure that long enough buffers have been > provided. /me hands strlcpy() to roam :) -Maxim To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3C960D8E.E89B684F>