Hi Segher,
On 06/21/2018 08:18 PM, Segher Boessenkool wrote:
> On Wed, Jun 20, 2018 at 07:51:11PM -0300, Breno Leitao wrote:
>> - strncpy(prog, argv[0], strlen(argv[0]));
>> + strncpy(prog, argv[0], sizeof(prog) - 1);
>
> strncpy(prog, argv[0], sizeof prog);
> if (prog[sizeof prog - 1])
> scream_bloody_murder();
>
> Silently using the wrong data is a worse habit than not checking for
> overflows ;-)
Completely agree! Thanks for bringing this up.
If you don't mind, I would solve this problem slightly different, as it seems
to be more readable.
- strncpy(prog, argv[0], strlen(argv[0]));
+ if (strlen(argv[0]) >= LEN_MAX){
+ fprintf(stderr, "Very big executable name: %s\n", argv[0]);
+ return 1;
+ }
+
+ strncpy(prog, argv[0], sizeof(prog) - 1);
return test_harness(dscr_inherit_exec, "dscr_inherit_exec_test");
