This is the mail archive of the xconq7@sources.redhat.com mailing list for the Xconq project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: xconq/8: Rule called "replace".

From: Eric McDonald <emcdonal at cps dot cmich dot edu>
To: Erik Sigra <sigra at home dot se>
Cc: xconq7 at sources dot redhat dot com
Date: Wed, 6 Aug 2003 19:47:26 -0400 (EDT)
Subject: Re: xconq/8: Rule called "replace".
References: <200308061536.14050.sigra@home.se>

On Wed, 6 Aug 2003, Erik Sigra wrote:

> * Make sure that the name is not too long for the buffer. (But does the rest
>   of xconq always check such things?)

No. But, my personal opinion is that these things should be checked for,
even if it means either truncating strings or dynamically allocating
memory to accomodate them. Xconq is quite admirable in that it tries to do
a lot with pre-allocated buffers, but my admiration ends where segfaults begin.

I added a patch about a month ago that did address some of these buffer
overflows (by using dynamic allocation), and I didn't get any negative
feedback about it, __FWIW.

  Regards,
    Eric

Follow-Ups:
- Re: xconq/8: Rule called "replace".
  - From: Erik Sigra

References:
- Re: xconq/8: Rule called "replace".
  - From: Erik Sigra

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]