On Fri, Aug 07, 2009 at 11:06:28AM +0200, Chris Lalancette wrote:
> qemudExtractMonitorPath() was doing a VIR_ALLOC_N followed by a
> strncpy. However, this isn't necessary; we can do the same thing
> using virAsprintf(), which is much safer.
>
> Signed-off-by: Chris Lalancette <clalance@xxxxxxxxxx>
> ---
> src/qemu_driver.c | 7 ++++---
> 1 files changed, 4 insertions(+), 3 deletions(-)
>
> diff --git a/src/qemu_driver.c b/src/qemu_driver.c
> index 55a09f5..37fdec2 100644
> --- a/src/qemu_driver.c
> +++ b/src/qemu_driver.c
> @@ -1017,12 +1017,13 @@ qemudExtractMonitorPath(virConnectPtr conn,
> */
> while (*tmp) {
> if (c_isspace(*tmp)) {
> - if (VIR_ALLOC_N(*path, (tmp-dev)+1) < 0) {
> + if (virAsprintf(path, "%s", dev) < 0) {
> virReportOOMError(conn);
> return -1;
> }
> - strncpy(*path, dev, (tmp-dev));
> - (*path)[(tmp-dev)] = '\0';
> + /* the last character is a \n, so back up one to overwrite */
> + (*path)[tmp-dev] = '\0';
> +
> /* ... now further update offset till we get EOL */
> *offset = tmp - haystack;
> return 0;
virAsprintf seems a little overkill to me - how about just
using strndup(), which is equivalent to VIR_ALLOC_N + strncpy,
but with guarenteed null termination
Daniel
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
--
Libvir-list mailing list
Libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list