[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: New version of function mkdirhier()

Svante Signell, le Fri 13 Jan 2012 14:43:06 +0100, a écrit :
> > No, but Guillem probably feels the same, and I do too: it's hard to tell
> > you anything because you quickly get things personally.
> I don't consider my replies to be personal

I should have said "you quickly take things personally". It's difficult
to comment on your code because you quickly take it as a personal
criticism, which it is not.

> And the proposed replacement function works properly, with minor
> glitches as you points out.

But it doesn't mean that upstream will happily accept it.

> I thought usage of obsolete library code should be avoided if
> possible, especially when better replacements are available, even when
> creating patches.

Which function are you referring to precisely?  Some functions are not
"obsolete", they are just not trivial to use.

> > > The bad thing is that there are still packages depending on this code.
> > > It should go down the drain and depending packages convert to something
> > > else (or a new upstream pops up).
> > 
> > I don't understand this. Did you understand what he said? libtar using
> > odd functions is not a problem since if the system does not provide
> > them, then libtar has its own version. I don't see where the depending
> > packages come into play.
> Yes, but the fallback version use same non-recommended constructs as the
> POSIX version does (modifying the argument) and I wanted to get rid of
> that for this piece of the code.

I'm lost. What are you referring to exactly?

> > > Might be so, in my opinion strncat is safer than strcat wrt buffer
> > > overflows, but I'm probably wrong.
> > 
> > In some cases it's true, in some other cases (like the case at stake),
> > it's wrong.
> So the basic knowledge of vulnerability was not totally wrong even if
> not applicable in this case.



Reply to: