svn commit: trunk/busybox/coreutils
Bernhard Fischer
rep.dot.nop at gmail.com
Thu Jan 18 00:42:33 PST 2007
On Thu, Jan 18, 2007 at 12:30:24AM +0100, Denis Vlasenko wrote:
>On Wednesday 17 January 2007 20:46, aldot at busybox.net wrote:
>> Changeset:
>> Modified: trunk/busybox/coreutils/stty.c
>> ===================================================================
>> --- trunk/busybox/coreutils/stty.c 2007-01-17 19:46:12 UTC (rev 17353)
>> +++ trunk/busybox/coreutils/stty.c 2007-01-17 19:46:33 UTC (rev 17354)
>> @@ -463,10 +463,10 @@
>> int buflen;
>>
>> va_start(args, message);
>> - vsnprintf(buf, sizeof(buf), message, args);
>> + buflen = vsnprintf(buf, sizeof(buf), message, args);
>
>buflen can end up _bigger_ than_ sizeof(buf)!
if the print did fail for whatever reason, buflen would be equal to or
bigger than sizeof(buf), yes.
>
>> va_end(args);
>> - buflen = strlen(buf);
>> - if (!buflen) return;
>> + /* buflen = strlen(buf); cheaper not to pull in strlen */
>> + if (!buflen /*|| buflen >= sizeof(buf)*/) return;
>
>Please either restore old code, uncomment >= sizeof
>stopgap check or add a comment why it is safe
>(it may be - if all callers obviously
>will never attempt to print >128 chars).
A cursory look made me think that the callers do not try to print more
than 128 chars. I've reinstated bailing out if something went wrong (did
cost 4 bytes, but ok..) to be over-cautious. See r17361.
>
>Thanks.
Thanks for the review!
>--
>vda
More information about the busybox
mailing list