Hi Paul,
On 3/12/23 02:44, Paul Eggert wrote:
> From 54fac7560f87a134c4d3045ce7048f4819c4e492 Mon Sep 17 00:00:00 2001
> From: Paul Eggert <egg...@cs.ucla.edu>
> Date: Sat, 11 Mar 2023 00:38:24 -0800
> Subject: [PATCH 5/8] Avoid silent truncation of console file data
>
> * libmisc/console.c (is_listed): Rework so that there is no
> fixed-size buffer, and no need to use fgets or strlcpy or strtok.
> Instead, the code works with arbitrary-sized input,
> without silently truncating data or mishandling NUL
> bytes in the console file.
>
> Signed-off-by: Paul Eggert <egg...@cs.ucla.edu>
> ---
> libmisc/console.c | 41 ++++++++++++++++++++---------------------
> 1 file changed, 20 insertions(+), 21 deletions(-)
>
> diff --git a/libmisc/console.c b/libmisc/console.c
> index 7e2132dd..8264e1a3 100644
> --- a/libmisc/console.c
> +++ b/libmisc/console.c
> @@ -24,7 +24,6 @@
> static bool is_listed (const char *cfgin, const char *tty, bool def)
> {
> FILE *fp;
> - char buf[1024], *s;
> const char *cons;
>
> /*
> @@ -43,17 +42,17 @@ static bool is_listed (const char *cfgin, const char
> *tty, bool def)
> */
>
> if (*cons != '/') {
> - char *pbuf;
> - strlcpy (buf, cons, sizeof (buf));
> - pbuf = &buf[0];
> - while ((s = strtok (pbuf, ":")) != NULL) {
> - if (strcmp (s, tty) == 0) {
> + size_t ttylen = strlen (tty);
Please separate the initialization from the declaration, and
leave a blank line in between.
> + for (;;) {
> + if (strncmp (cons, tty, ttylen) == 0
> + && (cons[ttylen] == ':' || !cons[ttylen])) {
> return true;
> }
> -
> - pbuf = NULL;
> + cons = strchr (cons, ':');
> + if (!cons)
> + return false;
> + cons++;
> }
> - return false;
> }
>
> /*
> @@ -70,21 +69,22 @@ static bool is_listed (const char *cfgin, const char
> *tty, bool def)
> * See if this tty is listed in the console file.
> */
>
> - while (fgets (buf, sizeof (buf), fp) != NULL) {
> - /* Remove optional trailing '\n'. */
> - buf[strcspn (buf, "\n")] = '\0';
> - if (strcmp (buf, tty) == 0) {
> - (void) fclose (fp);
> - return true;
> + const char *tp = tty;
> + bool listed = false;
Please -Wdeclaration-after-statement. If the declaration is
so far that it helps mix declarations with code, it may be the
time to split something into a helper function...
Cheers,
Alex
> + for (int c; 0 <= (c = getc (fp)); ) {
> + if (c == '\n') {
> + if (tp && !*tp) {
> + listed = true;
> + break;
> + }
> + tp = tty;
> + } else if (tp) {
> + tp = *tp == c && c ? tp + 1 : NULL;
> }
> }
>
> - /*
> - * This tty isn't a console.
> - */
> -
> (void) fclose (fp);
> - return false;
> + return listed;
> }
>
> /*
> @@ -105,4 +105,3 @@ bool console (const char *tty)
>
> return is_listed ("CONSOLE", tty, true);
> }
> -
> --
> 2.37.2
>
--
<http://www.alejandro-colomar.es/>
GPG key fingerprint: A9348594CE31283A826FBDD8D57633D441E25BB5
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ Pkg-shadow-devel mailing list Pkg-shadow-devel@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-shadow-devel
