Re: [Clamav-devel] Silly code in clamav-0.93.1/shared/cfgparser.c

2008-06-12 Thread Tomasz Kojm
On Thu, 12 Jun 2008 10:35:11 -0400
"David F. Skoll" <[EMAIL PROTECTED]> wrote:

> Surely you mean:  cpy = strdup(arg);
> 
> At the very least, you need to check the return from calloc().

David,

thanks for spotting this glitch, it's now fixed in SVN. If you find any more
issues like this, please open a bug report in our bugzilla and report them
there.

Thanks,

-- 
   oo. Tomasz Kojm <[EMAIL PROTECTED]>
  (\/)\. http://www.ClamAV.net/gpg/tkojm.gpg
 \..._ 0DCA5A08407D5288279DB43454822DC8985A444B
   //\   /\  Fri Jun 13 02:06:38 CEST 2008
___
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net


Re: [Clamav-devel] Silly code in clamav-0.93.1/shared/cfgparser.c

2008-06-12 Thread David F. Skoll
David F. Skoll wrote:

> Just auditing the ClamAV code, I see:
> 
> char *cpy = (char *) calloc(strlen(arg), 1);
> strncpy(cpy, arg, strlen(arg) - 1);
> cpy[strlen(arg)-1]='\0';

> Ummm... whaaa???

> Surely you mean:  cpy = strdup(arg);

Oops, followed by:  cpy[strlen(arg)-1] = 0;

to chop off the trailing 'm' or 'k'.

Regards,

David.
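
The `strdup()`-then-truncate fix suggested in this thread, written out as an added example (it is not part of the original messages and is not ClamAV's code). The function name `parse_size_arg`, the 1024-based multipliers and the case-insensitive suffix match are assumptions; the block also rejects the empty string, where `strlen(arg) - 1` wraps around.

```c
#define _POSIX_C_SOURCE 200809L  /* for strdup() under strict -std=c99/c11 */
#include <ctype.h>
#include <errno.h>
#include <limits.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper (not ClamAV's code): parse "10", "10k"/"10K" or
 * "10m"/"10M" into a byte count. Returns 0 on success, -1 on bad input
 * or allocation failure. Multipliers of 1024 are an assumption. */
int parse_size_arg(const char *arg, unsigned long *out)
{
    unsigned long mult = 1, val;
    size_t len;
    char *cpy, *end;
    int rc = -1;

    if (arg == NULL || out == NULL)
        return -1;
    len = strlen(arg);
    if (len == 0)               /* strlen(arg) - 1 would wrap to SIZE_MAX */
        return -1;

    cpy = strdup(arg);          /* allocates len + 1 bytes, NUL included */
    if (cpy == NULL)            /* the check missing from the quoted code */
        return -1;

    switch (tolower((unsigned char)cpy[len - 1])) {
    case 'm': mult = 1024UL * 1024UL; cpy[len - 1] = '\0'; break;
    case 'k': mult = 1024UL;          cpy[len - 1] = '\0'; break;
    default:  break;            /* no suffix: keep every character */
    }

    /* Require a leading digit so "k", "-1" and " 5" are rejected. */
    if (isdigit((unsigned char)cpy[0])) {
        errno = 0;
        val = strtoul(cpy, &end, 10);
        if (errno == 0 && *end == '\0' && val <= ULONG_MAX / mult) {
            *out = val * mult;
            rc = 0;
        }
    }
    free(cpy);
    return rc;
}
```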