Matt Turner wrote:
> Found using
> ---
> @@
> expression E;
> identifier i;
> identifier address;
> @@
>
> - i = malloc(strlen(E) + 1);
> - strcpy(address, E);
> + i = strdup(E);
> ---
Would it be possible to similarly find the other common variant of
i = malloc(strlen(E) + 1);
if (i == NULL)
/* return 0, FatalError, panic, bail, maybe cleanup first */
strcpy(address, E);
?
Either way, it's much easier to verify strdup is correct than a
malloc+strcpy pair, so I like it.
> Signed-off-by: Matt Turner <[email protected]>
> ---
> hw/xfree86/parser/scan.c | 3 +--
> 1 files changed, 1 insertions(+), 2 deletions(-)
>
> diff --git a/hw/xfree86/parser/scan.c b/hw/xfree86/parser/scan.c
> index 5312143..9f63570 100644
> --- a/hw/xfree86/parser/scan.c
> +++ b/hw/xfree86/parser/scan.c
> @@ -1088,8 +1088,7 @@ void
> xf86setSection (char *section)
> {
> free(configSection);
> - configSection = malloc(strlen (section) + 1);
> - strcpy (configSection, section);
> + configSection = strdup(section);
> }
>
> /*
Reviewed-by: Alan Coopersmith <[email protected]>
--
-Alan Coopersmith- [email protected]
Oracle Solaris Platform Engineering: X Window System
_______________________________________________
[email protected]: X.Org development
Archives: http://lists.x.org/archives/xorg-devel
Info: http://lists.x.org/mailman/listinfo/xorg-devel
