Hi Paul, On 3/12/23 02:44, Paul Eggert wrote: > From 54fac7560f87a134c4d3045ce7048f4819c4e492 Mon Sep 17 00:00:00 2001 > From: Paul Eggert <[email protected]> > Date: Sat, 11 Mar 2023 00:38:24 -0800 > Subject: [PATCH 5/8] Avoid silent truncation of console file data > > * libmisc/console.c (is_listed): Rework so that there is no > fixed-size buffer, and no need to use fgets or strlcpy or strtok. > Instead, the code works with arbitrary-sized input, > without silently truncating data or mishandling NUL > bytes in the console file. > > Signed-off-by: Paul Eggert <[email protected]> > --- > libmisc/console.c | 41 ++++++++++++++++++++--------------------- > 1 file changed, 20 insertions(+), 21 deletions(-) > > diff --git a/libmisc/console.c b/libmisc/console.c > index 7e2132dd..8264e1a3 100644 > --- a/libmisc/console.c > +++ b/libmisc/console.c > @@ -24,7 +24,6 @@ > static bool is_listed (const char *cfgin, const char *tty, bool def) > { > FILE *fp; > - char buf[1024], *s; > const char *cons; > > /* > @@ -43,17 +42,17 @@ static bool is_listed (const char *cfgin, const char > *tty, bool def) > */ > > if (*cons != '/') { > - char *pbuf; > - strlcpy (buf, cons, sizeof (buf)); > - pbuf = &buf[0]; > - while ((s = strtok (pbuf, ":")) != NULL) { > - if (strcmp (s, tty) == 0) { > + size_t ttylen = strlen (tty);
Please separate the initialization from the declaration, and
leave a blank line in between.
> + for (;;) {
> + if (strncmp (cons, tty, ttylen) == 0
> + && (cons[ttylen] == ':' || !cons[ttylen])) {
> return true;
> }
> -
> - pbuf = NULL;
> + cons = strchr (cons, ':');
> + if (!cons)
> + return false;
> + cons++;
> }
> - return false;
> }
>
> /*
> @@ -70,21 +69,22 @@ static bool is_listed (const char *cfgin, const char
> *tty, bool def)
> * See if this tty is listed in the console file.
> */
>
> - while (fgets (buf, sizeof (buf), fp) != NULL) {
> - /* Remove optional trailing '\n'. */
> - buf[strcspn (buf, "\n")] = '\0';
> - if (strcmp (buf, tty) == 0) {
> - (void) fclose (fp);
> - return true;
> + const char *tp = tty;
> + bool listed = false;
Please -Wdeclaration-after-statement. If the declaration is
so far that it helps mix declarations with code, it may be the
time to split something into a helper function...
Cheers,
Alex
> + for (int c; 0 <= (c = getc (fp)); ) {
> + if (c == '\n') {
> + if (tp && !*tp) {
> + listed = true;
> + break;
> + }
> + tp = tty;
> + } else if (tp) {
> + tp = *tp == c && c ? tp + 1 : NULL;
> }
> }
>
> - /*
> - * This tty isn't a console.
> - */
> -
> (void) fclose (fp);
> - return false;
> + return listed;
> }
>
> /*
> @@ -105,4 +105,3 @@ bool console (const char *tty)
>
> return is_listed ("CONSOLE", tty, true);
> }
> -
> --
> 2.37.2
>
--
<http://www.alejandro-colomar.es/>
GPG key fingerprint: A9348594CE31283A826FBDD8D57633D441E25BB5
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ Pkg-shadow-devel mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-shadow-devel
