elm test config - ensure buffer does't get overfilled with lots of profs
the "let's use strncpy" brigade of course made sure to use it to "be secure" and yet still overflow the buffer... this is a perfect lesson in DO NOT USE strncpy unless you carefully think about the code and get it right. i mean things like: strncat(buf, profiles[i], strlen(profiles[i]) + 1); is blindly using strncpy ... and it's no better than strcpy, but more complex and giving the illusion of "it's safe". pay attention to your code people. please. thanks.
parent
6359236420
commit
b15772853c
|
@ -84,10 +84,12 @@ _profile_update(Evas_Object *win)
|
|||
{
|
||||
for (i = 0; i < n; i++)
|
||||
{
|
||||
if (i >= 1) strncat(buf, ", ", 2);
|
||||
strncat(buf, profiles[i], strlen(profiles[i]) + 1);
|
||||
if (strlen(buf) >= (sizeof(buf) - 3)) break;
|
||||
if (i >= 1) strcat(buf, ", ");
|
||||
if (strlen(buf) >= (sizeof(buf) - 1 - strlen(profiles[i]))) break;
|
||||
strcat(buf, profiles[i]);
|
||||
}
|
||||
strncat(buf, "</b>", 4);
|
||||
if (strlen(buf) < (sizeof(buf) - 5)) strcat(buf, "</b>");
|
||||
}
|
||||
elm_object_text_set(lb, buf);
|
||||
}
|
||||
|
|
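Review bot: The length check before `strcat(buf, profiles[i])` subtracts in `size_t`, so a profile name longer than `sizeof(buf) - 1` makes `sizeof(buf) - 1 - strlen(profiles[i])` wrap to a huge value, the `break` is not taken and the `strcat` still writes past the end of `buf`. Writing the comparison so that nothing can go negative keeps the same margin: `if (strlen(profiles[i]) + 1 >= sizeof(buf) - strlen(buf)) break;`. This assumes `buf` is a local array (its declaration and the start of `_profile_update` are outside the hunk) and that profile names are not length-limited elsewhere. Separately, when the buffer is nearly full the closing `</b>` is skipped, so the text handed to `elm_object_text_set` would carry an unclosed tag.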