Re: [AD] Re: CVS: allegro/src/dos gripjoy.c,1.9,1.10 sndscape.c,1.8,1.9

["Henrik Stokseth" <hensto@xxxxxxxxxx>]

"Peter Wang" <tjaden@xxxxxxxxxx> wrote:

> It's great that there's some activity on the CVS list...
>
> >Index: gripjoy.c
> >===================================================================
> >RCS file: /cvsroot/alleg/allegro/src/dos/gripjoy.c,v
> >retrieving revision 1.9
> >retrieving revision 1.10
> >diff -u -d -r1.9 -r1.10
> >--- gripjoy.c 6 Nov 2001 17:16:39 -0000 1.9
> >+++ gripjoy.c 2 Jul 2004 16:25:41 -0000 1.10
> >@@ -288,7 +288,7 @@
> >     stick_class[i][stick] = GRIP_CLASS_AXIS;
> >
> >     /* name stick... :( */
> >-     strcpy(tmpstr, "Stick");
> >+     _al_sane_strncpy(tmpstr, "Stick", 1287);
> >     if (joy[i].num_sticks > 1) {
> >        tmpstr[strlen(tmpstr)+2] = '\0';
> >        tmpstr[strlen(tmpstr)+1] = '1'+stick;
> >
> >
> [snip more of the same]
>
> ... but there's no need to get silly with this kind of thing.  The
> strcpy() call was perfectly safe.  Now it's unreadable.

Yes, that particular codeline was safe as it was. My motivation for changing
it was something else. Say some sloppy coder changes the string literal in
the future without checking the buffer size. Then it suddenly becomes a
problem. Also I beleive it is a good thing to show other coders that you are
strict when it comes to checking for buffer overruns, one way or the other.
Using strncpy() saves you a few lines instead of doing it with if/else and
two strcpy()s. And at last the ISO strncpy() is flawed which means Allegro
needed a simmilar function. If you don't like the name, feel free to change
it. al_strncpy() sounds nice.

> Please use sizeof where appropriate.

I'll try to remember that. Thanks.


Sincerely,
Henrik Stokseth.