On Sat, Nov 17, 2012 at 05:25:35PM -0500, Michael Gilbert wrote:
> I've just reviewed this, and it looks mostly good. I did notice
> things like the following:
>
> + FILE *f;
> ++ char path[1024];
> ++ sprintf(path, "%s/%s", getenv("HOME"), ".etw/etw.cfg" );
> + D(bug("Reading configuration...\n"/*-*/));
>
> Note that a hardcoded 1024 isn't very portable. C defines PATH_MAX
> for this purpose. Please use that instead.
1024 is more portable than PATH_MAX...
This define should have died a couple of decades ago, and it's kept only for
compat purposes. If you use it, you'll get a FTBFS on Hurd, as they decided
to force the issue and get rid of the blighter.
You can sometimes get suggestions to use pathconf(_PC_PATH_MAX), which is
even worse, as you'd be dynamically allocating a static buffer.
And obviously, the code above has a buffer overflow, no matter if you use
1024 bytes or PATH_MAX. You'd want asprintf() or an equivalent.
--
How to squander your resources: those silly Swedes have a sauce named
"hovmästarsås", the best thing ever to put on cheese, yet they waste it
solely on mere salmon.
Attachment:
signature.asc
Description: Digital signature