Part 2 of Fixing a security hole in mount table.

Pierre A. Humblet pierre@phumblet.no-ip.org
Wed Sep 10 13:36:00 GMT 2003


Corinna Vinschen wrote:
> 
> Looks good to me, except for:
> 
> > -  char name[UNLEN + 1] = "";
> > +  char name[UNLEN > 127 ? UNLEN + 1 : 128] = "";
> 
> Huh?  Why that?  UNLEN is defined as 256 in lmcons.h so I don't understand
> the reasoning behind that complexity.
> 
Just being paranoid. "name" can either contain a user name
(length UNLEN + 1) or a sid (length 128). 
This construction costs nothing (the compiler does the work),
saves me from having to look up the .h file, and protects us
against possible header file changes.

Pierre



More information about the Cygwin-patches mailing list