On Fri, Jul 13, 2018 at 1:43 PM Jeff King <peff@xxxxxxxx> wrote:

> ---
> Another option would just be color_parse(repeated_meta_color, "cyan").
> The run-time cost is slightly higher, but it probably doesn't matter
> here, and perhaps it's more readable.
>

Thanks for posting this again; this looks good to me!

Stefan

> I'm sad that this strcpy() wasn't caught in review. IMHO we should avoid
> that function altogether, even when we _think_ it can't trigger an
> overflow. That's easier to reason about (and makes auditing easier).

Can we somehow automatically find "bad code" either in patches or in new
code (such as pu), e.g. as a coccicheck for these functions?
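
One way to approach the question above, as an added example that is not part of the original message or of git's own tooling: a Python scan that reports calls to banned functions on the lines a unified diff adds, with the new-file line number. The banned list beyond strcpy(), the name `find_banned` and the sample diff are assumptions constructed for illustration.

```python
import re

# Assumption: illustrative list; the thread itself names only strcpy().
BANNED = ("strcpy", "strcat", "sprintf", "vsprintf")
CALL = re.compile(r"(?<![A-Za-z0-9_])(" + "|".join(BANNED) + r")\s*\(")
HUNK = re.compile(r"^@@ -\d+(?:,(\d+))? \+(\d+)(?:,(\d+))? @@")
# String literals and single-line comments are blanked so a mention in a
# comment or string is not reported. Multi-line comments are not handled.
NOISE = re.compile(r'"(?:\\.|[^"\\])*"|/\*.*?\*/|//.*')

def find_banned(diff_text):
    """Return (path, new_line_number, function) for each banned call added."""
    hits, path = [], None
    old_left = new_left = lineno = 0
    for line in diff_text.splitlines():
        if old_left <= 0 and new_left <= 0:      # outside a hunk body
            m = HUNK.match(line)
            if m:                                # counts default to 1
                old_left, new_left = int(m.group(1) or 1), int(m.group(3) or 1)
                lineno = int(m.group(2))
            elif line.startswith("+++ "):
                path = line[4:].split("\t")[0]
                path = path[2:] if path.startswith("b/") else path
            continue
        if line.startswith("+"):                 # added line: inspect it
            code = NOISE.sub(" ", line[1:])
            hits += [(path, lineno, c.group(1)) for c in CALL.finditer(code)]
            lineno += 1
            new_left -= 1
        elif line.startswith("-"):               # removed line: not our concern
            old_left -= 1
        elif not line.startswith("\\"):          # context line
            lineno += 1
            old_left -= 1
            new_left -= 1
    return hits

# Constructed sample diff (not taken from the thread).
SAMPLE = """\
--- a/demo.c
+++ b/demo.c
@@ -10,4 +10,6 @@ static void init(void)
     char buf[16];
-    memcpy(buf, src, 4);
+    /* never call strcpy() here */
+    strcpy(buf, src);
+    xstrcpy(buf, "strcat(");
     puts(buf);
 }
"""
```

Feeding it the output of `git diff` or a patch e-mail body limits findings to newly introduced calls, so existing uses elsewhere in the tree do not drown out the review signal.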