It's easy to get manual allocation calculations wrong, and the use of strcpy/strcat raise red flags for people looking for buffer overflows (though in this case each site was fine). It's also shorter to use xstrfmt, and the printf-format tends to be easier for a reader to see what the final string will look like. Signed-off-by: Jeff King <peff@xxxxxxxx> --- By the way, I think that the tip_name allocation in name_rev leaks badly, but it's a little tricky to fix (we sometimes hand off ownership of the variable, and sometimes not). However, this patch does not make it any worse, and nobody is complaining, so I left it for now. builtin/apply.c | 4 +--- builtin/fetch.c | 9 ++------- builtin/name-rev.c | 5 +---- sha1_name.c | 5 +---- shell.c | 6 +----- 5 files changed, 6 insertions(+), 23 deletions(-) diff --git a/builtin/apply.c b/builtin/apply.c index 9c5724e..b796910 100644 --- a/builtin/apply.c +++ b/builtin/apply.c @@ -1281,9 +1281,7 @@ static int parse_git_header(const char *line, int len, unsigned int size, struct */ patch->def_name = git_header_name(line, len); if (patch->def_name && root) { - char *s = xmalloc(root_len + strlen(patch->def_name) + 1); - strcpy(s, root); - strcpy(s + root_len, patch->def_name); + char *s = xstrfmt("%s%s", root, patch->def_name); free(patch->def_name); patch->def_name = s; } diff --git a/builtin/fetch.c b/builtin/fetch.c index 55f457c..40d989f 100644 --- a/builtin/fetch.c +++ b/builtin/fetch.c @@ -1053,16 +1053,11 @@ static int fetch_one(struct remote *remote, int argc, const char **argv) refs = xcalloc(argc + 1, sizeof(const char *)); for (i = 0; i < argc; i++) { if (!strcmp(argv[i], "tag")) { - char *ref; i++; if (i >= argc) die(_("You need to specify a tag name.")); - ref = xmalloc(strlen(argv[i]) * 2 + 22); - strcpy(ref, "refs/tags/"); - strcat(ref, argv[i]); - strcat(ref, ":refs/tags/"); - strcat(ref, argv[i]); - refs[j++] = ref; + refs[j++] = xstrfmt("refs/tags/%s:refs/tags/%s", + argv[i], argv[i]); } else refs[j++] = argv[i]; } diff --git a/builtin/name-rev.c b/builtin/name-rev.c index c824d4e..3c8f319 100644 --- a/builtin/name-rev.c +++ b/builtin/name-rev.c @@ -33,10 +33,7 @@ static void name_rev(struct commit *commit, return; if (deref) { - char *new_name = xmalloc(strlen(tip_name)+3); - strcpy(new_name, tip_name); - strcat(new_name, "^0"); - tip_name = new_name; + tip_name = xstrfmt("%s^0", tip_name); if (generation) die("generation: %d, but deref?", generation); diff --git a/sha1_name.c b/sha1_name.c index 2b6322f..5e95690 100644 --- a/sha1_name.c +++ b/sha1_name.c @@ -1252,10 +1252,7 @@ static void diagnose_invalid_sha1_path(const char *prefix, die("Path '%s' exists on disk, but not in '%.*s'.", filename, object_name_len, object_name); if (errno == ENOENT || errno == ENOTDIR) { - char *fullname = xmalloc(strlen(filename) - + strlen(prefix) + 1); - strcpy(fullname, prefix); - strcat(fullname, filename); + char *fullname = xstrfmt("%s%s", prefix, filename); if (!get_tree_entry(tree_sha1, fullname, sha1, &mode)) { diff --git a/shell.c b/shell.c index 5c0d47a..ace62e4 100644 --- a/shell.c +++ b/shell.c @@ -46,11 +46,7 @@ static int is_valid_cmd_name(const char *cmd) static char *make_cmd(const char *prog) { - char *prefix = xmalloc((strlen(prog) + strlen(COMMAND_DIR) + 2)); - strcpy(prefix, COMMAND_DIR); - strcat(prefix, "/"); - strcat(prefix, prog); - return prefix; + return xstrfmt("%s/%s", COMMAND_DIR, prog); } static void cd_to_homedir(void) -- 2.0.0.566.gfe3e6b2 -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html