Improving name-truncation detection

jw schultz jw at pegasys.ws
Mon Jan 19 22:39:56 GMT 2004


On Mon, Jan 19, 2004 at 10:17:30AM -0800, Wayne Davison wrote:
> I've got a patch that changes f_name_to() to return an unsigned int
> (like snprintf() and strlcpy() do) and adds checking to ensure that we
> didn't overflow the name before we try to use it:
> 
>     http://www.blorf.net/name-overflow.patch
> 
> If anyone would care to check out the following patch before I commit
> it, please do.

I don't like it on two counts.

If we are going to vet the path name for overflow (a good
idea) let's do it once, explicitly, as we receive it instead
of having tests scattered throughout the code.  In other
words, test for
    strlen(file->dirname) + strlen(file->basename) >= MAXPATHLEN - 2 in
receive_file_entry().

When all you are doing is concatenating a couple of strings,
snprintf is overkill, especially in an infrastructure
function.  As it is now f_name_to() is about as good as it gets.
We went through several iterations with get_tmpname() to
keep it clean and efficient; there is no need to regress
here.

-- 
________________________________________________________________
	J.W. Schultz            Pegasystems Technologies
	email address:		jw at pegasys.ws

		Remember Cernan and Schmitt
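
The single check at receive time proposed in the message above, followed by an unchecked concatenation that relies on it, as an added example that is not part of the original post and is not rsync's code. The names `struct entry`, `entry_name_fits()`, `join_name()` and `make_name()` are hypothetical, and the fallback MAXPATHLEN value and the NULL dirname handling are assumptions.

```c
#include <stdlib.h>
#include <string.h>

#ifndef MAXPATHLEN
#define MAXPATHLEN 1024   /* assumed value; normally from <sys/param.h> */
#endif

/* Hypothetical stand-in for the file-list entry discussed in the thread. */
struct entry {
    const char *dirname;   /* assumed: NULL for names with no directory part */
    const char *basename;
};

/* The one explicit test, done as the entry is received: reject when
 * strlen(dirname) + strlen(basename) >= MAXPATHLEN - 2. */
static int entry_name_fits(const struct entry *e)
{
    size_t dlen = e->dirname ? strlen(e->dirname) : 0;
    size_t blen = strlen(e->basename);
    return dlen + blen < (size_t)MAXPATHLEN - 2;
}

/* Plain concatenation into a MAXPATHLEN buffer. It does no length test
 * of its own and is only safe for entries that passed entry_name_fits().
 * Returns the length written, excluding the terminating NUL. */
static size_t join_name(char *out, const struct entry *e)
{
    size_t off = 0;
    if (e->dirname) {
        size_t dlen = strlen(e->dirname);
        memcpy(out, e->dirname, dlen);
        out[dlen] = '/';
        off = dlen + 1;
    }
    size_t blen = strlen(e->basename);
    memcpy(out + off, e->basename, blen + 1);   /* copies the NUL too */
    return off + blen;
}

/* Constructed sample input: a name made of n 'a' characters. */
static char *make_name(size_t n)
{
    char *s = malloc(n + 1);
    if (!s) abort();
    memset(s, 'a', n);
    s[n] = '\0';
    return s;
}
```

The longest accepted entry has a combined length of MAXPATHLEN - 3, so the joined name with its separator and terminating NUL occupies MAXPATHLEN - 1 bytes of the buffer.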

