The dangers of static buffers in rsync code

Cristian Gafton gafton at
Tue Dec 30 13:25:36 EST 2003

On Mon, 29 Dec 2003, jw schultz wrote:

> How about an even smaller hammer.
> In recv_generator do a strlcpy of arg1 to an automatic.

That would work for this aprticular case I explained - however, the fact 
is that f_name() can change the value of the arguments passed around 
inhigher level functions, and there is no idication whatsoever when this 
is expected, when we don't care and when we mean "Oops!".

It is a nasty trap, and if you agree that it should get fixed, I think it 
is better done as part of the 2.6.0 rollout than at some minor release in 
the future.

Cristian Gafton     --     gafton at      --     Red Hat, Inc.
  "There are two kinds of people who never amount to much: those who 
   cannot do what they are told, and those who can do nothing else."
        --Cyrus Curtis

More information about the rsync mailing list