Hi,
Just auditing the ClamAV code, I see:
289 char *cpy = (char *) calloc(strlen(arg), 1);
290 strncpy(cpy, arg, strlen(arg) - 1);
291 cpy[strlen(arg)-1]='\0';
Ummm... whaaa???
Surely you mean: cpy = strdup(arg);
At the very least, you need to check the return fr
David F. Skoll wrote:
> Just auditing the ClamAV code, I see:
>
> 289char *cpy = (char *) calloc(strlen(arg), 1);
> 290 strncpy(cpy, arg, strlen(arg) - 1);
> 291 cpy[strlen(arg)-1]='\0';
> Ummm... whaaa???
> Surely you mean: cpy = strdup(arg);
Oops, followed by:
On Thu, 12 Jun 2008 10:35:11 -0400
"David F. Skoll" <[EMAIL PROTECTED]> wrote:
> Surely you mean: cpy = strdup(arg);
>
> At the very least, you need to check the return from calloc().
David,
thanks for spotting this glitch, it's now fixed in SVN. If you find any more
issues like this, please o
