Re: [nft PATCH 2/2] nfnl_osf: Silence string truncation gcc warnings

Hi,

On Sun, Jul 21, 2019 at 01:15:58PM +0200, Fernando Fernandez Mancera wrote:
[...]
> >  	pend = nf_osf_strchr(pbeg, OSFPDEL);
> >  	if (pend) {
> >  		*pend = '\0';
> > +		i = sizeof(f.genre);
> >  		if (pbeg[0] == '@' || pbeg[0] == '*')
> > -			cnt = snprintf(f.genre, sizeof(f.genre), "%s", pbeg + 1);
> > -		else
> > -			cnt = snprintf(f.genre, sizeof(f.genre), "%s", pbeg);
> > +			pbeg++;
> > +		cnt = snprintf(f.genre, i, "%.*s", i - 1, pbeg + 1);
> >  		pbeg = pend + 1;
> >  	}
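
Review bot: The added snprintf() call still passes 'pbeg + 1' as the source after the preceding 'pbeg++', so a genre starting with '@' or '*' loses two leading characters and every other genre loses its first one; pass 'pbeg' there instead. The precision consumed by "%.*s" has to be an int, and 'i' is assigned from sizeof(f.genre) with its declaration not visible in this hunk, so confirm it is an int or cast 'i - 1'. Since pbeg is now advanced in place, a one-line comment noting that it is reassigned by 'pbeg = pend + 1' right after the copy would make it clear the old value is not reused.
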
> 
> I am not including this because the pbeg pointer is being modified if
> the condition is true which is not what we want. Note that pbeg is being
> used below. Also, we cannot do pbeg++ and at the same time shift the
> pointer passed to snprintf with pbeg + 1.

Oh, sorry that 'pbeg + 1' in my added code is a bug. I guess
incrementing pbeg if it starts with @ or * is fine because after the
call to snprintf() it is reset ('pbeg = pend + 1') without reusing its
old value.

Cheers, Phil


