tinycc-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Tinycc-devel] Small patch

From: Domingo Alvarez Duarte
Subject: Re: [Tinycc-devel] Small patch
Date: Thu, 31 Jan 2013 11:58:47 +0000
And I proposed this because snprintf is already used on other parts of tinycc, so no new dependency added.


On Thu, Jan 31, 2013 at 11:57 AM, Domingo Alvarez Duarte <address@hidden> wrote:
Yes strcat append name to "__bound_" and the reason to switch to snprintf on several places like this is to prevent buffer overflow.


On Thu, Jan 31, 2013 at 11:43 AM, Thomas Preud'homme <address@hidden> wrote:
Le jeudi 31 janvier 2013 12:34:27, Stephan Beal a écrit :
> On Thu, Jan 31, 2013 at 12:07 PM, Thomas Preud'homme
<address@hidden>wrote:
> > > -                strcpy(buf, "__bound_");
> > > -                strcat(buf, name);
> > > +                snprintf(buf, sizeof(buf), "__bound_%s", name);
>
> strcpy and strcat are C89 and C99 while snprintf is only C99.
>
>
> The semantics of the above variants are not the same, are they? strcpy()
> and strcat() are both writing to the same address in buf, i.e. strcat is
> overwriting what strcpy() copied into buf. So the end result, unless i'm
> sorely mistaken, is a copy of the name with the __bound_ prefix. strncat()
> is c89, BTW.

strcat copy the second argument at the end of the string pointed at by the
first argument.

So after strcpy you'll have __bound_ and then the strcat will add name at the
end of this string.

Did I misunderstand what you said?

Best regards,

Thomas

_______________________________________________
Tinycc-devel mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/tinycc-devel



reply via email to
[Prev in Thread] Current Thread [Next in Thread]