Re: [opensuse-packaging] boinc-client: bnc#689499

On Sun, 15 May 2011, Cristian Rodríguez wrote:
El 10/05/11 15:15, David Haller escribió:
==== Top of file: ====
#define _POSIX_SOURCE 1
#include <limits.h>
#include <errno.h>
[..: former line 373]
char filename[NAME_MAX], subdir[PATH_MAX];
if (retval) break;
retval = snprintf(subdir, PATH_MAX-2, "%s/%s", dirpath, filename);
if(retval >= PATH_MAX-2) {
errno = ENAMETOOLONG; perror(""); /* oder so ähnlich */

Someone who knows C better should check that though. AFAIK the limit
of PATH_MAX-2 ('/' + '\0' + dirpath (w/o '\0') + filename (w/o '\0'))
should be ok, but ...

There is other problems with this stuff that upstream has to fix, see
the function definition

int dir_size(const char* dirpath, double& size, bool recurse) .. that's
going to fail with an integer overflow sooner or later...

** off_t *** dir_size ... and fix the underlying code that is not going
to handle stuff correctly in its currrent incarnation...

I'm not that good a C programmer, especially with such stuff, I can
identify the problem at times, but fixing it only in really trivial
cases[1]. A test program here even failed even with snprintf (but I
was tired when I did that, as I'm now). So, better someone experienced
should fix that function (and possibly the Windows part as well).


Maybe something more like a check before snprintf?

if( (size_t)(PATH_MAX-2) <= ( strlen(dirpath) + strlen(filename) ) ) {
errno = ENAMETOOLONG; perror("");
retval = snprintf(subdir, PATH_MAX-2, "%s/%s", dirpath, filename);
if(retval >= PATH_MAX-2 || retval < 0 ) {
errno = ENAMETOOLONG; perror("");

Remember, with stuff like that, I'm a layman.


[1] e.g. a classic _and_ easily identifiable off-by-one error

But, as we all know, "robust" and "stable" have different meanings in the
computer industry. "robust": Probably won't fall over if a gnat farts nearby
(unless the gnat is near a sensitive spot). "stable": no longer updated or
supported by the manufacturer. -- Steve VanDevender
