[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Chicken-hackers] [PATCH] Replace unsafe string functions with their
From: |
Christian Kellermann |
Subject: |
Re: [Chicken-hackers] [PATCH] Replace unsafe string functions with their safer counterparts |
Date: |
Tue, 4 Feb 2014 10:11:28 +0100 |
User-agent: |
Mutt/1.5.21 (2010-09-15) |
* Christian Kellermann <address@hidden> [140204 10:05]:
> Hi Peter,
>
> please find my comments inline.
>
> * Peter Bex <address@hidden> [140203 22:30]:
> > After some reconsideration, I think this is probably a good idea.
> > The big swath of OpenBSD license text for these rather small functions
> > in our chicken.h really disagreed with me (the license is barely smaller
> > than the code!), so I looked around a bit for public domain
> > implementations and found a few. I decided to use the one by
> > C.B. Falconer, as it seems to have seen the most review.
>
> Thanks for considering the patch and taking the time to go through
> it.
>
> If you are concerned with the big license in the code, I will move
> it to LICENSE. I don't know why exchanging the code solves
> this issue, while an even simpler change would do so as well.
>
> I even think the PD version of strlcat has an issue: It assumes
> that the size argument for the dst string is actually larger than
> the strlen(dst). I don't see why this should be a valid assumption
> as this does again provide a potential pitfall when using it.
>
> The OpenBSD version does not trust the size parameter and adjusts
> the length first, then copying the data.
please ignore the last two paragraphs, I need more coffee first.
Sorry for the noise.
--
In the world, there is nothing more submissive and weak than
water. Yet for attacking that which is hard and strong, nothing can
surpass it. --- Lao Tzu