diff options
author | Greg Hudson <ghudson@mit.edu> | 2008-10-23 19:59:05 +0000 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2008-10-23 19:59:05 +0000 |
commit | 70296e1f530313283f9a48dd0ec467e5c280a79d (patch) | |
tree | 355ffd3c0446c16aa71b0516cde7f06d0b8986fd /src/include/k5-platform.h | |
parent | 6be011a74d39563c81418fd4c330a72e156cdeb8 (diff) | |
download | krb5-70296e1f530313283f9a48dd0ec467e5c280a79d.zip krb5-70296e1f530313283f9a48dd0ec467e5c280a79d.tar.gz krb5-70296e1f530313283f9a48dd0ec467e5c280a79d.tar.bz2 |
Use snprintf instead of strcpy/strcat in many places
ticket: 6200
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20912 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/include/k5-platform.h')
-rw-r--r-- | src/include/k5-platform.h | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/src/include/k5-platform.h b/src/include/k5-platform.h index 4a2b1ae..279d6fd 100644 --- a/src/include/k5-platform.h +++ b/src/include/k5-platform.h @@ -920,6 +920,22 @@ extern int asprintf(char **, const char *, ...) #endif /* have vasprintf and prototype? */ +/* Return true if the snprintf return value RESULT reflects a buffer + overflow for the buffer size SIZE. + + We cast the result to unsigned int for two reasons. First, old + implementations of snprintf (such as the one in Solaris 9 and + prior) return -1 on a buffer overflow. Casting the result to -1 + will convert that value to UINT_MAX, which should compare larger + than any reasonable buffer size. Second, comparing signed and + unsigned integers will generate warnings with some compilers, and + can have unpredictable results, particularly when the relative + widths of the types is not known (size_t may be the same width as + int or larger). +*/ +#define SNPRINTF_OVERFLOW(result, size) \ + ((unsigned int)(result) >= (size_t)(size)) + #ifndef HAVE_MKSTEMP extern int krb5int_mkstemp(char *); #define mkstemp krb5int_mkstemp |