[zypp-devel] Re: [zypp-commit] r9315 - /trunk/sat-solver/src/solvable.c - Zypp Development - openSUSE Mailing Lists

newer
[zypp-devel] [SoC-student] Student...

[zypp-devel] Re: [zypp-commit] r9315 - /trunk/sat-solver/src/solvable.c

older
[zypp-devel] patch support status ?

Klaus Kaempf

31 Mar 2008 31 Mar '08

12:33

* mlandres@svn.opensuse.org [Mar 31. 2008 14:31]:

+ p = pool_alloctmpspace(pool, strlen(n) + strlen(e) + strlen(a) + 3); + sprintf(p, "%s-%s.%s", n, e, a);

Shouldn't this be a 'snprintf' for security reasons ? Klaus -- To unsubscribe, e-mail: zypp-devel+unsubscribe@opensuse.org For additional commands, e-mail: zypp-devel+help@opensuse.org

Reply

Sign in to reply online Use email software

Show replies by date

Michael Matz

31 Mar 31 Mar

12:55

Hi, On Mon, 31 Mar 2008, Klaus Kaempf wrote:

* mlandres@svn.opensuse.org [Mar 31. 2008 14:31]:

...
+ p = pool_alloctmpspace(pool, strlen(n) + strlen(e) + strlen(a) + 3); + sprintf(p, "%s-%s.%s", n, e, a);

Shouldn't this be a 'snprintf' for security reasons ?

No need. The line just above that sprintf allocates exactly enough memory. Ciao, Michael. -- To unsubscribe, e-mail: zypp-devel+unsubscribe@opensuse.org For additional commands, e-mail: zypp-devel+help@opensuse.org

Reply

Sign in to reply online Use email software

5871

Age (days ago)

5871

Last active (days ago)

Download

1 comments

2 participants

tags

participants (2)

Klaus Kaempf
Michael Matz