On Monday 29 January 2007 11:52, Keir Fraser wrote:
On 29/1/07 10:10, "Christoph Egger" <Chri...@amd.com> wrote:
The attached patch replaces sprintf with snprintf and strncpy with
strlcpy.
There are various cases where no NULL-terminated strings are guaranteed
and eventual possible overflows. This patch fixes them.
BTW: Since Xen kernel has its own string functions, can't we just remove
sprintf() and strncpy()? IMO, Xen should not inherit the historical C
relicts.
This makes plenty of sense. Strncpy() in particular is dangerous and
strlcpy() is always preferable. So I'd be happy to see strncat/strncpy die.
sprintf() is also dangerous. snprintf() is better. sprintf() should also die.
There are a few uses remaining (particularly in arch/ia64) that you'll have
to fix first.
Yeah. But due to lack of hw, I can't even build test for ia64 and ppc.
So when I send the patches, intel and ibm have to verify first that they don't
break anything.
And please add 'signed-off-by' attribution when you post patches!
Will do.
Christoph
5 messages in com.xensource.lists.xen-develRe: [Xen-devel] [PATCH] Use string bo...
.diff