Hi Gert
On Donnerstag, 17. März 2022 11:41:22 CET Gert Doering wrote:
> I wonder why we bother to actually *do* this? As in "we already know
> that this can never overflow here" (because all strings involved are
> known, and the max width of %d is known, too), but *if* it ever did,
> calling the subsequent setenv_str() wouldn't be a good idea to do - no?
It's in the spirit of defensive programming. It cannot overflow now, but will
likely overflow some time. However I thought that getting the value into env
might still be worthwhile in some scenarios, even if the name is not complete,
e.g. if the env is logged somewhere. The error message in the openvpn log, will
lead to cause then.
> Can we make transform these into a miniwrapper that does
> like
>
> for (i = 1, d = o->search_domains; d != NULL; i++, d = d->next)
> {
> _do_dns_env_thing( "dns_search_domain_%d", i, d->name );
> }
I actually had such a wrapper in place, but dumped it because I didn't like the
fact that the value would have to come before the name in the argument list,
because of the var-args. Since we have a format string with two %d (and there
might be more / other formatting specifiers in the future), the wrapper would
have to deal with ..., or we'd end up with two wrappers (or more if this is
extended in the future). No matter what:
> const char* format = s->domain_type == DNS_RESOLVE_DOMAINS ?
> "dns_server_%d_resolve_domain_%d" :
> "dns_server_%d_exclude_domain_%d";
requires it to be:
_do_dns_env_thing(d->name, "dns_server_%d_resolve__domain_%d", i, j);
right now already. And that lead me to not making things wrapped.
However I could be talked into removing the checks for openvpn_snprintf()'s
return value if there's a consensus, as it wouldn't introduce an actual issue.
Just maybe a little harder to debug issues in future code possibly. Also not
setting the env if sprintf fails sounds good, would do this rather:
if (openvpn_snprinf())
setenv_str();
else
name_ok = false;
Iff the value is really not useful in the env, when the name is incomplete.
Bonus: no &=.
Heiko
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
