Le 22/06/2018 à 16:43, Breno Leitao a écrit :
Hi Segher,
On 06/21/2018 08:18 PM, Segher Boessenkool wrote:
On Wed, Jun 20, 2018 at 07:51:11PM -0300, Breno Leitao wrote:
- strncpy(prog, argv[0], strlen(argv[0]));
+ strncpy(prog, argv[0], sizeof(prog) - 1);
strncpy(prog, argv[0], sizeof prog);
if (prog[sizeof prog - 1])
scream_bloody_murder();
Silently using the wrong data is a worse habit than not checking for
overflows ;-)
Completely agree! Thanks for bringing this up.
If you don't mind, I would solve this problem slightly different, as it seems
to be more readable.
- strncpy(prog, argv[0], strlen(argv[0]));
+ if (strlen(argv[0]) >= LEN_MAX){
wouldn't it be better to use sizeof(prog) instead of LEN_MAX ?
+ fprintf(stderr, "Very big executable name: %s\n", argv[0]);
+ return 1;
+ }
+
+ strncpy(prog, argv[0], sizeof(prog) - 1);
You have checked before that argv[0] is not too long, so you should not
need to use strncpy(), strcpy() would do it.
return test_harness(dscr_inherit_exec, "dscr_inherit_exec_test");
Christophe
