Hi!

On Sat, 2014-04-26 at 10:12:49 +0200, Niels Thykier wrote:
> I spotted this piece of code in src/unpack.c (around line 614)
> """
>   /*
>    * OK, we're going ahead.
>    */
>
>   trig_activate_packageprocessing(pkg);
>   strcpy(cidirrest, TRIGGERSCIFILE);
>   trig_parse_ci(cidir, NULL, trig_cicb_statuschange_activate, pkg,
>                 &pkg->available);
>
>   /* Read the conffiles, and copy the hashes across. */
>   newconffiles = NULL;
>   newconffileslastp = &newconffiles;
>   push_cleanup(cu_fileslist, ~0, NULL, 0, 0);
>   strcpy(cidirrest,CONFFILESFILE);
> """
>
> It seems to me that "cidirrest" is not read between the two strcpy-calls.

cidirrest is being used to append stuff to cidir, with both being
initialized at the beginning of the function. In the particular case
you point out, the next line makes use of that value in the
trig_parse_ci() call, and the other is followed by an fopen() call
also making use of it.

That variable and the other similar usage patterns around the code are
something I have pending to change, as it's quite confusing and makes
it difficult in some cases to check if we are within the buffer bounds.

Thanks,
Guillem
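
An added example, not dpkg code and not part of the original message: one way to make the "pointer into the tail of a path buffer" pattern discussed above checkable, by keeping the buffer size and the tail offset together so every append is bounds-checked. The `ctrl_path` type and its functions are hypothetical, and the macro values, buffer size and directory are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Assumed values; the message shows only the macro names. */
#define TRIGGERSCIFILE "triggers"
#define CONFFILESFILE  "conffiles"

/* Hypothetical type: keeps buffer, its size and the tail offset together,
 * where the quoted code has only char pointers (cidir, cidirrest). */
struct ctrl_path {
    char buf[64];   /* small on purpose so the limit is easy to reach */
    size_t dirlen;  /* length of "dir/"; the replaceable tail starts here */
};

/* Store "dir/" in the buffer. Returns 0, or -1 if it does not fit. */
int ctrl_path_init(struct ctrl_path *p, const char *dir)
{
    int n = snprintf(p->buf, sizeof(p->buf), "%s/", dir);
    if (n < 0 || (size_t)n >= sizeof(p->buf))
        return -1;
    p->dirlen = (size_t)n;
    return 0;
}

/* Checked counterpart of strcpy(cidirrest, name): replace the tail.
 * Returns 0, or -1 if name would overflow; the tail is then left empty. */
int ctrl_path_set(struct ctrl_path *p, const char *name)
{
    size_t room = sizeof(p->buf) - p->dirlen;  /* bytes left, NUL included */
    size_t len = strlen(name);
    if (len >= room) {
        p->buf[p->dirlen] = '\0';
        return -1;
    }
    memcpy(p->buf + p->dirlen, name, len + 1);
    return 0;
}

int main(void)
{
    struct ctrl_path p;
    if (ctrl_path_init(&p, "/tmp/example.ci") != 0)  /* constructed path */
        return 1;
    if (ctrl_path_set(&p, TRIGGERSCIFILE) == 0)
        printf("%s\n", p.buf);
    if (ctrl_path_set(&p, CONFFILESFILE) == 0)
        printf("%s\n", p.buf);
    return 0;
}
```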

