This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [PATCH] Harden put*ent functions against data injection [BZ #18724]

From: Mike Frysinger <vapier at gentoo dot org>
To: Florian Weimer <fweimer at redhat dot com>
Cc: GNU C Library <libc-alpha at sourceware dot org>
Date: Mon, 27 Jul 2015 23:19:24 -0400
Subject: Re: [PATCH] Harden put*ent functions against data injection [BZ #18724]
Authentication-results: sourceware.org; auth=none
References: <55B64BE2 dot 9060905 at redhat dot com>

On 27 Jul 2015 17:18, Florian Weimer wrote:
> -      int i;
> -
> -      for (i = 0 ; gr->gr_mem[i] != NULL; i++)
> +      for (size_t i = 0 ; gr->gr_mem[i] != NULL; i++)

if you're tweaking style(ish), should trim the space before the first ; too


> --- /dev/null
> +++ b/grp/tst-putgrent.c
>
> +      ++errors;
> ...
> +  return errors > 0;

is an error count really necessary ?  just make it a bool.
<paranoid>don't want it to overflow</paranoid>

> +check (const char *what, _Bool expr)

why not "bool" ?
-mike

Attachment: signature.asc
Description: Digital signature

Follow-Ups:
- Re: [PATCH] Harden put*ent functions against data injection [BZ #18724]
  - From: Florian Weimer

References:
- [PATCH] Harden put*ent functions against data injection [BZ #18724]
  - From: Florian Weimer

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]