[icedtea-web][RFC] sprintf -> snprintf in icedtea-web plugin, C++-side
Adam Domurad
adomurad at redhat.com
Tue May 22 08:43:13 PDT 2012
Hello all. Small patch, description in ChangeLog. I ran it against run-netx-dist-tests with no regressions.
The motivation being that sprintf is generally to be avoided, because if something goes wrong somewhere, it's better to have an extra fallback that prevents buffer overflow.
A few small buffers that were being malloc/free'd in a very short period of time were made to be stack based.
There isn't a terrible need to change it performance wise, it does however make for clearer code with less possibility of error (eg, free being left out).
Small note:
snprintf is -technically- non-standard C++ (C99 standard). However, as long as GCC is targetted, there is no issue -and- it was already used in the source as it were.
2012-05-22 Adam Domurad <adomurad at redhat.com>
Changed allocation of small, fixed-size buffers to stack-based
allocations. Changed occurences of sprintf to the safer function
snprintf, added buffer information. While unlikely to change
functionality, snprintf adds an extra check to prevent buffer
overflows.
* plugin/icedteanp/IcedTeaNPPlugin.cc: Allocation of small buffers
using malloc changed to stack allocation & changed sprintf calls to
buffer-size aware snprintf calls.
* plugin/icedteanp/IcedTeaPluginUtils.cc: Same as above.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: patch.patch
Type: text/x-patch
Size: 4754 bytes
Desc: not available
Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20120522/bf7cb1c5/patch.patch
More information about the distro-pkg-dev
mailing list