Re: New version of function mkdirhier()
Svante Signell, le Fri 13 Jan 2012 14:43:06 +0100, a écrit :
> > No, but Guillem probably feels the same, and I do too: it's hard to tell
> > you anything because you quickly get things personally.
>
> I don't consider my replies to be personal
I should have said "you quickly take things personally". It's difficult
to comment on your code because you quickly take it as a personal
criticism, which it is not.
> And the proposed replacement function works properly, with minor
> glitches as you points out.
But it doesn't mean that upstream will happily accept it.
> I thought usage of obsolete library code should be avoided if
> possible, especially when better replacements are available, even when
> creating patches.
Which function are you referring to precisely? Some functions are not
"obsolete", they are just not trivial to use.
> > > The bad thing is that there are still packages depending on this code.
> > > It should go down the drain and depending packages convert to something
> > > else (or a new upstream pops up).
> >
> > I don't understand this. Did you understand what he said? libtar using
> > odd functions is not a problem since if the system does not provide
> > them, then libtar has its own version. I don't see where the depending
> > packages come into play.
>
> Yes, but the fallback version use same non-recommended constructs as the
> POSIX version does (modifying the argument) and I wanted to get rid of
> that for this piece of the code.
I'm lost. What are you referring to exactly?
> > > Might be so, in my opinion strncat is safer than strcat wrt buffer
> > > overflows, but I'm probably wrong.
> >
> > In some cases it's true, in some other cases (like the case at stake),
> > it's wrong.
>
> So the basic knowledge of vulnerability was not totally wrong even if
> not applicable in this case.
Yes.
Samuel
Reply to: