This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.



Re: Implement C11 annex K?


On Mon, Aug 18, 2014 at 01:03:30AM -0700, Paul Eggert wrote:
> Here are details for the above analysis.
> 
> >addrmatch.c:321:
> >... The one-line snprintf version is this horror:
> 
> That's because you wrote it in a horrible way.  This is better:
> 
>    if (snprintf(addrbuf, sizeof addrbuf, "%s", p) >= sizeof addrbuf)
>      return -1;
> 
> Though I wouldn't use snprintf here, as the following distinguishes
> the check from the action more clearly:
> 
>    if (strlen(p) >= sizeof addrbuf)
>      return -1;
>    strcpy(addrbuf, p);

Or even better:

>    if (strnlen(p, sizeof addrbuf) >= sizeof addrbuf)
>      return -1;
>    strcpy(addrbuf, p);

This avoids the unbounded read time ("DoS") issue.

Rich
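An added example, not part of the original message or of glibc: the `snprintf` and `strnlen` forms from the thread wrapped as two functions so their behaviour at the boundary can be compared. The function names and `ADDRBUF_SIZE` are assumptions; the thread does not give the size of `addrbuf`.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* exposes strnlen() */
#endif
#include <stdio.h>
#include <string.h>

#define ADDRBUF_SIZE 64           /* assumed size, not from the thread */

/* snprintf form. The return value is int, so reject a negative (error)
 * result before comparing against the size_t buffer size. On rejection
 * dst already holds a truncated copy of p. */
int copy_snprintf(char *dst, size_t dstsz, const char *p)
{
    int n = snprintf(dst, dstsz, "%s", p);
    if (n < 0 || (size_t)n >= dstsz)
        return -1;
    return 0;
}

/* strnlen form. The length check reads at most dstsz bytes of p, and
 * dst is written only after the check has passed. */
int copy_strnlen(char *dst, size_t dstsz, const char *p)
{
    if (strnlen(p, dstsz) >= dstsz)
        return -1;
    strcpy(dst, p);
    return 0;
}

int main(void)
{
    char dst[ADDRBUF_SIZE] = "unchanged";
    char big[4 * ADDRBUF_SIZE];   /* constructed over-long input */

    memset(big, 'A', sizeof big - 1);
    big[sizeof big - 1] = '\0';

    printf("strnlen:  rc=%d dst=\"%s\"\n",
           copy_strnlen(dst, sizeof dst, big), dst);
    printf("snprintf: rc=%d strlen(dst)=%zu\n",
           copy_snprintf(dst, sizeof dst, big), strlen(dst));
    printf("short:    rc=%d dst=\"%s\"\n",
           copy_strnlen(dst, sizeof dst, "192.0.2.1"), dst);
    return 0;
}
```

Both functions reject the same inputs; they differ in how much of `p` is read and in what `dst` contains after a rejection.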

