hi Segher,
On 06/22/2018 10:10 PM, Segher Boessenkool wrote:
>> - strncpy(prog, argv[0], strlen(argv[0]));
>> + if (strlen(argv[0]) >= LEN_MAX){
>> + fprintf(stderr, "Very big executable name: %s\n", argv[0]);
>> + return 1;
>> + }
>> +
>> + strncpy(prog, argv[0], sizeof(prog) - 1);
>
> The strlen reads all of argv[0], which can be very big in theory. It won't
> matter in this test file -- program arguments cannot be super long, for one
> thing -- but it's not a good idea in general (that is one of the problems
> of strlcpy, btw).
>
> Best of course is to avoid string length restrictions completely, if you can.
Right, I was thinking about this problem and there is no motivation to have a
statically allocated and limited region.
I will send a v2 where 'prog' and avoid this restriction completely.
Thanks
