Complete.Org: Mailing Lists: Archives: freeciv-dev: September 2001:
[Freeciv-Dev] Re: Fwd: Re: Re: Request (PR#939) 		Home

[Freeciv-Dev] Re: Fwd: Re: Re: Request (PR#939)

[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
To: freeciv-dev@xxxxxxxxxxx
Cc: bugs@xxxxxxxxxxxxxxxxxxx
Subject: [Freeciv-Dev] Re: Fwd: Re: Re: Request (PR#939)
From: Paul Zastoupil <paulz@xxxxxxxxxxxx>
Date: Thu, 6 Sep 2001 17:52:27 -0700 (PDT) 
On Thu, Sep 06, 2001 at 11:08:06AM +0200, Raimar Falke wrote:
> On Thu, Sep 06, 2001 at 03:42:41AM -0400, Jason Dorje Short wrote:
> > Raimar Falke wrote:
> > > 
> > 
> > > > +  char wallbuffer[2048];
> > > > +  wallbuffer[0]=0;
> > > > +  cat_snprintf(wallbuffer, sizeof(wallbuffer),"%s",str);
> > > 
> > > What about strncpy? printf seems like overkill here.
> > > 
> > > Otherwise it looks fine.
> > 
> > strncpy doesn't NULL-terminate (unless you do it manually afterwards, of
> > course).  
> 
> I overread the not in "the result wil not be null-terminated". argl
> 
> > In the hugely bizarre case where str is longer than wallbuffer a
> > buffer overflow would be Undesirable.
> 
> Ack.
> 
> > My question is why cat_snprintf was used instead of snprintf
> > (mysnprintf).  What's wrong with
> > 
> >   mysnprintf(wallbuffer, sizeof(walluffer), "%s", str);
> > 
> > and why would you ever think to use cat_snprintf with manual termination
> > first?
> > 
> > And if you do use cat_snprintf, why wouldn't you do
> > 
> >   cat_snprintf(wallbuffer,
> >                sizeof(wallbuffer)-strlen(wallbuffer),
> >                "%s", str);
> 
> This whole case looks like an ideal application for mystrlcpy.

And a new version using mystrlcpy.

-- 
Paul Zastoupil

Attachment: latestwall.diff
Description: Text document

[Prev in Thread] Current Thread [Next in Thread]