You get that I'm talking about the subsequent read back after copy, right? No
need to be so competitive :)
Also, you're making strange presumptions about me having presumptions. I'm not
trying to say you're wrong or a poor coder, Erik. I was simply offering my
point of view.
Before this thread
> You're absolutely correct if the length of value to be copied is not
> validated prior to the copy. Then, an invalid page could be hit if no
> nil is present within the array or beyond.
wrong. strncpy only copies up to the specified maximum.
the code is ugly but correct.
> To be verbose, my b
Not exactly. But, functionally close enough.
I skipped commenting on strncpy to ignore the plethora of issues with lpd and
focus on the question at hand.
D
On Jun 5, 2013, at 7:20 AM, erik quanstrom wrote:
> On Wed Jun 5 09:15:11 EDT 2013, don.bai...@gmail.com wrote:
>> The first opportunit
You're absolutely correct if the length of value to be copied is not validated
prior to the copy. Then, an invalid page could be hit if no nil is present
within the array or beyond.
I wasn't providing a verbatim patch (notice the function and operator weren't
filled in). I was just providing th
I think your code is wrong. If the NUL byte is present, it doesn't do
anything, however if it is not there, strlen will read more than it
should, and possibly try to read some invalid address.
In case info.host is a fixe size array, a simple
info.host[sizeof info.host - 1] = 0;
would do.
Am 05.06.
On Wed Jun 5 09:15:11 EDT 2013, don.bai...@gmail.com wrote:
> The first opportunity to write a nil byte should always be taken.
> Using sizeof only means that in corner cases memory disclosure may
> occur between where the nil should be and the end of the array. While
> this isn't a security crit
The first opportunity to write a nil byte should always be taken. Using sizeof
only means that in corner cases memory disclosure may occur between where the
nil should be and the end of the array. While this isn't a security critical
app, it is still good coding practice.
x = strlen(info.host)
i agree ... applied to 9atom.
Subject: [sources] applied patch: /n/atom/patch/applied/lpdaemonnit
Reply-To: sour...@9atom.org
email
quans...@quanstro.net
readme
>From: yaroslav
>Subject: [9fans] lpdaemon
in /sys/src/cmd/lp/lpdaemon.c:2
in /sys/src/cmd/lp/lpdaemon.c:297,310
These
info.host[strlen(info.host)] = '\0';
…
info.user[strlen(info.user)] = '\0';
look nonsence as zeros are placed exactly where they already are.
Should read as in following instead:
