The dangers of static buffers in rsync code
Cristian Gafton
gafton at redhat.com
Tue Dec 30 13:25:36 EST 2003
On Mon, 29 Dec 2003, jw schultz wrote:
> How about an even smaller hammer.
> In recv_generator do a strlcpy of arg1 to an automatic.
That would work for this aprticular case I explained - however, the fact
is that f_name() can change the value of the arguments passed around
inhigher level functions, and there is no idication whatsoever when this
is expected, when we don't care and when we mean "Oops!".
It is a nasty trap, and if you agree that it should get fixed, I think it
is better done as part of the 2.6.0 rollout than at some minor release in
the future.
Cristian
--
----------------------------------------------------------------------
Cristian Gafton -- gafton at redhat.com -- Red Hat, Inc.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"There are two kinds of people who never amount to much: those who
cannot do what they are told, and those who can do nothing else."
--Cyrus Curtis
More information about the rsync
mailing list