svn commit: trunk/busybox/coreutils

Denis Vlasenko vda.linux at googlemail.com
Wed Jan 17 23:30:24 UTC 2007


On Wednesday 17 January 2007 20:46, aldot at busybox.net wrote:
> Changeset:
> Modified: trunk/busybox/coreutils/stty.c
> ===================================================================
> --- trunk/busybox/coreutils/stty.c	2007-01-17 19:46:12 UTC (rev 17353)
> +++ trunk/busybox/coreutils/stty.c	2007-01-17 19:46:33 UTC (rev 17354)
> @@ -463,10 +463,10 @@
>  	int buflen;
>  
>  	va_start(args, message);
> -	vsnprintf(buf, sizeof(buf), message, args);
> +	buflen = vsnprintf(buf, sizeof(buf), message, args);

buflen can end up _bigger_ than_ sizeof(buf)!

>  	va_end(args);
> -	buflen = strlen(buf);
> -	if (!buflen) return;
> +	/* buflen = strlen(buf); cheaper not to pull in strlen */
> +	if (!buflen /*|| buflen >= sizeof(buf)*/) return;

Please either restore old code, uncomment >= sizeof
stopgap check or add a comment why it is safe
(it may be - if all callers obviously
will never attempt to print >128 chars).

Thanks.
--
vda



More information about the busybox-cvs mailing list