RE: [AD] Re: CVS: allegro/src/dos gripjoy.c,1.9,1.10 sndscape.c,1.8,1.9

[ Thread Index | Date Index | More lists.liballeg.org/allegro-developers Archives ]


Alternatively:

-     strcpy(tmpstr, "Stick");
+     strncpy(tmpstr, "Stick", sizeof(tmpstr) - 1);
+     tmpstr[sizeof(tmpstr) - 1] = 0;

or:

-     strcpy(tmpstr, "Stick");
+     snprintf(tmpstr, sizeof(tmpstr), "Stick");


-----Original Message-----
From: alleg-developers-admin@xxxxxxxxxx
[mailto:alleg-developers-admin@xxxxxxxxxx
Sent: Monday, July 05, 2004 1:49 PM
To: alleg-developers@xxxxxxxxxx
Subject: Re: [AD] Re: CVS: allegro/src/dos gripjoy.c,1.9,1.10
sndscape.c,1.8,1.9


"Peter Wang" <tjaden@xxxxxxxxxx> wrote:

> It's great that there's some activity on the CVS list...
>
> >Index: gripjoy.c
> >===================================================================
> >RCS file: /cvsroot/alleg/allegro/src/dos/gripjoy.c,v
> >retrieving revision 1.9
> >retrieving revision 1.10
> >diff -u -d -r1.9 -r1.10
> >--- gripjoy.c 6 Nov 2001 17:16:39 -0000 1.9
> >+++ gripjoy.c 2 Jul 2004 16:25:41 -0000 1.10
> >@@ -288,7 +288,7 @@
> >     stick_class[i][stick] = GRIP_CLASS_AXIS;
> >
> >     /* name stick... :( */
> >-     strcpy(tmpstr, "Stick");
> >+     _al_sane_strncpy(tmpstr, "Stick", 1287);
> >     if (joy[i].num_sticks > 1) {
> >        tmpstr[strlen(tmpstr)+2] = '\0';
> >        tmpstr[strlen(tmpstr)+1] = '1'+stick;
> >
> >
> [snip more of the same]
>
> ... but there's no need to get silly with this kind of thing.  The
> strcpy() call was perfectly safe.  Now it's unreadable.

Yes, that particular codeline was safe as it was. My motivation for
changing
it was something else. Say some sloppy coder changes the string literal
in
the future without checking the buffer size. Then it suddenly becomes a
problem. Also I beleive it is a good thing to show other coders that you
are
strict when it comes to checking for buffer overruns, one way or the
other.
Using strncpy() saves you a few lines instead of doing it with if/else
and
two strcpy()s. And at last the ISO strncpy() is flawed which means
Allegro
needed a simmilar function. If you don't like the name, feel free to
change
it. al_strncpy() sounds nice.

> Please use sizeof where appropriate.

I'll try to remember that. Thanks.


Sincerely,
Henrik Stokseth.




-------------------------------------------------------
This SF.Net email sponsored by Black Hat Briefings & Training.
Attend Black Hat Briefings & Training, Las Vegas July 24-29 - 
digital self defense, top technical experts, no vendor pitches, 
unmatched networking opportunities. Visit www.blackhat.com
-- 
https://lists.sourceforge.net/lists/listinfo/alleg-developers




Mail converted by MHonArc 2.6.19+ http://listengine.tuxfamily.org/