Bruce Johnson wrote:

char  mdfile[PATHSIZE];
strncpy(mdfile, <pathToFile>, MAXREAD);

FILE * stream = fopen(<pathToFile>, "rt");

On further reflection, this code fragment looks very suspicious.

First, a local char buffer of length PATHSIZE is declared. We don't know what PATHSIZE is.

Second, some unknown variable is copied into that buffer, but the length is declared as MAXREAD, when it really ought to be PATHSIZE.

Since we don't know MAXREAD's magnitude relative to PATHSIZE, nor do we know what <pathToFile> really is, this could cause a buffer overflow. Equally bad, if MAXREAD is less than the strlen of <pathToFile>, strncpy() will not put a NUL terminator on the copied data, and subsequent calls that expect a nul-terminated C string (viz. fopen()) will not do the right thing.

A typical idiom for using strncpy() with buffers whose length is known is:
  strncpy( dstBuf, srcBuf, sizeof(dstBuf) );

Note this idiom only works when dstBuf is declared as an array of definite length. It won't work when dstBuf is a pointer expression.

Third, the 'mdfile' buffer that just received a copy of <pathToFile> is now ignored, and the original <pathToFile> is used as the filename to fopen(). So what was the purpose of mdfile and the strncpy() anyway? If mdfile is used later, why copy <pathToFile> into it? If mdfile isn't used later, why have it at all?

Fourth, the second arg to fopen is "rt". However, the man page for fopen shows no significance for the 't' character. Optional 'b' or 'x', yes, but no 't'.

There is a '+' character recognized by fopen(), and '+' looks somewhat like 't', but that's the only explanation I can imagine for what "rt" might have been intended to mean. If that was the intent, it's wrong. If that wasn't the intent, then an explanation for 't' might be useful.

http://developer.apple.com/documentation/Darwin/Reference/Manpages/man3/fopen.3.html

  -- GG
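
The strncpy() behaviour discussed in the message above, as an added example that is not part of the original post: it shows when strncpy() leaves the destination without a terminator, next to a bounded copy that refuses a path that does not fit. PATHSIZE's value, the helper names (is_terminated, copy_path, strncpy_leaves_terminator) and the sample paths are assumptions made for the illustration.

```c
#include <stdio.h>
#include <string.h>

#define PATHSIZE 16  /* assumed value; the post does not give PATHSIZE */

/* Returns 1 if buf[0..size-1] contains a NUL terminator, else 0. */
static int is_terminated(const char *buf, size_t size)
{
    return memchr(buf, '\0', size) != NULL;
}

/* Bounded copy that always terminates dst and reports truncation.
 * Returns 0 on success, -1 if src did not fit (dst is left empty). */
static int copy_path(char *dst, size_t dstsize, const char *src)
{
    size_t len;
    if (dst == NULL || src == NULL || dstsize == 0)
        return -1;
    len = strlen(src);
    if (len >= dstsize) {   /* no room for the terminator */
        dst[0] = '\0';
        return -1;          /* refuse rather than open a truncated path */
    }
    memcpy(dst, src, len + 1);
    return 0;
}

/* Shows what strncpy() leaves behind when the bound is the buffer size. */
static int strncpy_leaves_terminator(const char *src)
{
    char buf[PATHSIZE];
    memset(buf, 'X', sizeof(buf));    /* make stale bytes visible */
    strncpy(buf, src, sizeof(buf));   /* bound is the destination size */
    return is_terminated(buf, sizeof(buf));
}

int main(void)
{
    const char *shortp = "/tmp/a.txt";              /* constructed, 10 chars */
    const char *longp  = "/tmp/very/long/name.txt"; /* constructed, 23 chars */
    char mdfile[PATHSIZE];

    printf("strncpy short: terminated=%d\n", strncpy_leaves_terminator(shortp));
    printf("strncpy long:  terminated=%d\n", strncpy_leaves_terminator(longp));
    printf("copy_path short: %d\n", copy_path(mdfile, sizeof(mdfile), shortp));
    printf("copy_path long:  %d\n", copy_path(mdfile, sizeof(mdfile), longp));
    return 0;
}
```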

_______________________________________________

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)
