This is the mail archive of the
cygwin-patches@cygwin.com
mailing list for the Cygwin project.
Re: Part 2 of Fixing a security hole in mount table.
On Wed, Sep 10, 2003 at 12:50:34PM -0400, Pierre A. Humblet wrote:
> Corinna Vinschen wrote:
> >
> > On Wed, Sep 10, 2003 at 09:36:05AM -0400, Pierre A. Humblet wrote:
> > > Corinna Vinschen wrote:
> > > >
> > > > Looks good to me, except for:
> > > >
> > > > > - char name[UNLEN + 1] = "";
> > > > > + char name[UNLEN > 127 ? UNLEN + 1 : 128] = "";
> > > >
> > > > Huh? Why that? UNLEN is defined as 256 in lmcons.h so I don't understand
> > > > the reasoning behind that complexity.
> > > >
> > > Just being paranoid. "name" can either contain a user name
> > > (length UNLEN + 1) or a sid (length 128).
> > > This construction costs nothing (the compiler does the work),
> > > saves me from having to look up the .h file, and protects us
> > > against possible header file changes.
> >
> > Please don't do this. It's just obfuscating the code. Except for this
> > one, the code should be ok to check in.
>
> OK, do you want to change that back and check it in?
> Otherwise I will do it tonight.
Just do it tonight.
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Developer mailto:cygwin@cygwin.com
Red Hat, Inc.