Dominique Pelle wrote:
> Trying the static analyzer 'cppcheck-1.34' on Vim source code,
> I saw the following warning:
>
> [./GvimExt/gvimext.cpp:638]: (all) Dangerous usage of strncat. Tip:
> the 3rd parameter means maximum number of characters to append
>
> Code in vim7/src/gvimext.cpp is:
>
> 623 char temp[BUFSIZE];
> ...
> 637 strncpy(temp, _("Edit with existing Vim - "), BUFSIZE - 1);
> 638 strncat(temp, title, BUFSIZE - 1);
>
> Code is incorrect indeed: strncat() may overflow temp buffer.
>
> Attached patch fixes it.
Thanks. These C string functions are tricky.
--
hundred-and-one symptoms of being an internet addict:
110. You actually volunteer to become your employer's webmaster.
/// Bram Moolenaar -- [email protected] -- http://www.Moolenaar.net \\\
/// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
\\\ download, build and distribute -- http://www.A-A-P.org ///
\\\ help me help AIDS victims -- http://ICCF-Holland.org ///
--~--~---------~--~----~------------~-------~--~----~
You received this message from the "vim_dev" maillist.
For more information, visit http://www.vim.org/maillist.php
-~----------~----~----~----~------~----~------~--~---
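The bound that the cppcheck tip in the quoted report is pointing at, as an added example (this is not the patch attached to the original message, which is not shown on this page). The helper `join_bounded`, the `struct guarded` check and the small `BUFSIZE` value are hypothetical names and values chosen for illustration.

```c
#include <stdio.h>
#include <string.h>

#define BUFSIZE 32  /* small constructed size so truncation is easy to see */

/* Hypothetical helper: join prefix and title into out[outsz] without
 * writing past the end. Returns the resulting string length. */
size_t join_bounded(char *out, size_t outsz, const char *prefix, const char *title)
{
    if (outsz == 0)
        return 0;
    /* strncpy() does not NUL-terminate when prefix fills the buffer. */
    strncpy(out, prefix, outsz - 1);
    out[outsz - 1] = '\0';
    /* strncat()'s 3rd argument is the max number of chars to APPEND,
     * so it must be the space still free, minus 1 for the NUL it adds. */
    strncat(out, title, outsz - strlen(out) - 1);
    return strlen(out);
}

/* Constructed check: put the buffer in a struct with a guard field after
 * it and confirm the guard survives a title longer than the buffer. */
struct guarded {
    char temp[BUFSIZE];
    char guard[8];
};

int guard_intact_after_long_title(void)
{
    struct guarded g;
    char title[4 * BUFSIZE];
    memset(title, 'A', sizeof(title) - 1);
    title[sizeof(title) - 1] = '\0';
    memcpy(g.guard, "CANARY!", 8);
    join_bounded(g.temp, sizeof(g.temp), "Edit with existing Vim - ", title);
    return memcmp(g.guard, "CANARY!", 8) == 0 && strlen(g.temp) == BUFSIZE - 1;
}

int main(void)
{
    char temp[BUFSIZE];
    size_t n = join_bounded(temp, sizeof(temp), "Edit with existing Vim - ", "notes.txt");
    printf("%zu: %s\n", n, temp);
    printf("guard intact: %d\n", guard_intact_after_long_title());
    return 0;
}
```

With the original call shape, `strncat(temp, title, BUFSIZE - 1)`, the limit ignores the 25 characters the prefix already occupies, so a long `title` is written past the end of `temp`.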