Hello: Attached is a patch that continues the same basic approach used in my Evergreen patch of:
* bzero->memset (with sizeof) - except when followed immediately by snprintf(), in which case the call was deleted completely * sprintf->snprintf (with sizeof) - for the C99-guaranteed null-terminated string and avoidance of overwrites * fgets (with sizeof) - because in at least one case "len - 1" was being used for the length, even though fgets is defined to retrieve 1 byte less than the requested length - so the code was effectively retrieving 2 bytes less than the allocated buffer * in 2 places in srfsh.c, increased buffer size by 1 to allow for null terminator * added -D_LARGEFILE64_SOURCE to the CFLAGS for apr-1.0 support * various typo fixes -- Dan Scott Laurentian University
osrf_mem.patch
Description: Binary data
