astitcher commented on issue #176: NO-JIRA: [c] Fix Coverity warning of buffer 
overrun in pn_proactor_addr
URL: https://github.com/apache/qpid-proton/pull/176#issuecomment-465784333
 
 
   How about something like (compiles and passes tests with valgrind, but not 
tested with sanitisers or coverity):
   
   ```
   int pn_proactor_addr(char *buf, size_t len, const char *host, const char 
*port) {
     /* Don't use snprintf, Windows is not C99 compliant and snprintf is 
broken. */
     size_t hostlen = host ? strlen(host) : 0;
     size_t portlen = port ? strlen(port) : 0;
     if (buf && len > 0) {
       if (host) {
           strncpy(buf, host, len);
       } else {
           buf[0] = '\0';
       }
       if (hostlen+2 < len) {
           buf[hostlen] = ':';
           buf[hostlen+1] = '\0';
   
           if (port) strncat(buf, port, len-hostlen-1);
       }
       buf[len-1] = '\0';
     }
     return hostlen + portlen + 1;
   }
   ```
   

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


With regards,
Apache Git Services

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org

Reply via email to