This is the mail archive of the gdb-patches@sourceware.org mailing list for the GDB project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: New ARI warning Sat May 28 01:53:47 UTC 2011


> Date: Mon, 30 May 2011 20:34:55 +0200
> From: Jan Kratochvil <jan.kratochvil@redhat.com>
> 
> On Sat, 28 May 2011 03:53:47 +0200, GDB Administrator wrote:
> > 439a440
> > > gdb/linux-nat.c:2368: code: sprintf: Do not use sprintf, instead use xstrprintf
> > gdb/linux-nat.c:2368:  sprintf (buffer, ', lwp);
> 
> This is by me:
>   char buffer[MAXPATHLEN];
>   sprintf (buffer, "/proc/%ld/status", lwp);
> 
> I find the code perfectly correct, as I was told the ARI checks are only
> differential I hope it can be kept as is.

Sorry, no.  Please replace this with a call to xsnprintf.

While this particular call may be safe, people will have to check
again and again that it is whenever they audit the code in the future.
Replacing it with xsnprintf prevents that.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]