On Mon, Jan 19, 2004 at 10:17:30AM -0800, Wayne Davison wrote:
> I've got a patch that changes f_name_to() to return an unsigned int
> (like snprintf() and strlcpy() do) and adds checking to ensure that we
> didn't overflow the name before we try to use it:
> 
>     http://www.blorf.net/name-overflow.patch
> 
> If anyone would care to check out the following patch before I commit
> it, please do.

I don't like it on two counts.

If we are going to vet the path name for overflow (a good
idea) let's do it once, explicitly, as we receive it instead
of having tests scattered throughout the code.  In other
words, test for
    strlen(file->dirname) + strlen(file->basename) >= MAXPATHLEN - 2
in receive_file_entry().

When all you are doing is concatenating a couple of strings
snprintf is overkill, especially in an infrastructure
function.  As it is now f_name_to() is about as good as it gets.
We went through several iterations with get_tmpname() to
keep it clean and efficient; there is no need to regress
here.

-- 
________________________________________________________________
        J.W. Schultz            Pegasystems Technologies
        email address:          [EMAIL PROTECTED]

                Remember Cernan and Schmitt
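
The receive-time check proposed in the reply above, sketched as an added example; this is not rsync's code and not part of the original thread. The struct, the function names and the MAXPATHLEN fallback value are assumptions made for illustration; only the length bound comes from the message.

```c
#include <stdio.h>
#include <string.h>

#ifndef MAXPATHLEN
#define MAXPATHLEN 1024 /* assumed value for this sketch */
#endif

/* Hypothetical stand-in for a received file-list entry. */
struct entry { const char *dirname; const char *basename; }; /* dirname may be NULL */

/* Receive-time check, bound taken from the message above: reject when
 * dirname length + basename length >= MAXPATHLEN - 2 (no wrapping sum). */
int entry_name_ok(const struct entry *e)
{
    size_t limit = MAXPATHLEN - 2, dlen = e->dirname ? strlen(e->dirname) : 0;
    return dlen < limit && strlen(e->basename) < limit - dlen;
}

/* Plain concatenation into a MAXPATHLEN buffer, with no per-call checks:
 * safe only for entries that passed entry_name_ok(). Returns the length. */
size_t entry_name_to(const struct entry *e, char *buf)
{
    size_t off = 0, blen = strlen(e->basename);
    if (e->dirname) {
        off = strlen(e->dirname);
        memcpy(buf, e->dirname, off);
        buf[off++] = '/';
    }
    memcpy(buf + off, e->basename, blen + 1); /* copies the NUL too */
    return off + blen;
}

/* Constructed input: names of the given lengths. Returns the joined
 * length, or -1 if the entry is rejected at receive time. */
long try_lengths(size_t dlen, size_t blen)
{
    static char d[2 * MAXPATHLEN], b[2 * MAXPATHLEN], out[MAXPATHLEN];
    struct entry e = { dlen ? d : NULL, b };
    if (dlen >= sizeof d || blen >= sizeof b)
        return -1;
    memset(d, 'd', dlen); d[dlen] = '\0';
    memset(b, 'b', blen); b[blen] = '\0';
    return entry_name_ok(&e) ? (long)entry_name_to(&e, out) : -1;
}

int main(void)
{
    printf("%ld %ld\n", try_lengths(10, 20), try_lengths(MAXPATHLEN, 5));
    return 0;
}
```

The concatenation stays free of bounds checks only because every entry reaches it through the single check; any code path that creates an entry without that check breaks the invariant.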