public inbox for gcc-prs@sourceware.org
From: Richard Frith-Macdonald <richard@brainstorm.co.uk>
To: nobody@gcc.gnu.org
Cc: gcc-prs@gcc.gnu.org,
Subject: Re: libobjc/9751: malloc of strlen, not strlen+1
Date: Tue, 13 May 2003 05:06:00 -0000
Message-ID: <20030513050601.7103.qmail@sources.redhat.com>

The following reply was made to PR libobjc/9751; it has been noted by GNATS.

From: Richard Frith-Macdonald <richard@brainstorm.co.uk>
To: John Carter <john.carter@tait.co.nz>
Cc: gcc-prs@gcc.gnu.org, gcc-bugs@gcc.gnu.org, gcc-gnats@gcc.gnu.org
Subject: Re: libobjc/9751: malloc of strlen, not strlen+1
Date: Tue, 13 May 2003 06:02:20 +0100

 On Monday, May 12, 2003, at 10:56  pm, John Carter wrote:
 
 > Hmm, looking at it again I still don't like it.
 >
 > If strncpy terminates due to having copied its "n" characters, it
 > _doesn't_ copy in the null. (Yip, check the libc info page, as I say,
 > the strncpy semantics are plain fugly and almost always don't do what
 > you want...)
 >
 > The very next line uses strcat, which _expects_ a properly null
 > terminated string! I can't believe this bit of code is reliable.
 >
 > In fact I will state a categorical principle any...
 >   strncpy( blah, bloo, fishpaste);
 > Followed immediately by...
 >   strwhateverlibcthing( blah,....);
 > Can only work by accident!
 >
 > This is the code from gcc-3.2.3...
 > 	  /* The variable is gc_invisible and we have to reverse it */
 > 	  new_type = objc_atomic_malloc (strlen (ivar->ivar_type));
 > 	  strncpy (new_type, ivar->ivar_type,
 > 		   (size_t)(type - ivar->ivar_type));
 > 	  strcat (new_type, type + 1);
 > 	  ivar->ivar_type = new_type;
 >
 > I would rewrite that as...
 >   size_t len = type - ivar->ivar_type;
 >   new_type=objc_atomic_malloc(strlen(ivar-ivar_type));
 >   memcpy( new_type, ivar->ivar_type, len);
 >   strcpy( new_type+len, type+1);
 
 So the size of the memory allocated is correct, but the use of
 the strcat() is wrong... should have been strcpy().
 
 I'd agree with your rewriting ... except for the typo in the argument
 to strlen() and the improper use of whitespace (as far as gnu
 coding standards are concerned) of course :-)
 
 There is no functional difference between strncpy() and memcpy()
 in this case, but the memcpy() should be marginally faster.
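
Added example, not part of the original messages or of libobjc: a stand-alone C version of the memcpy()/strcpy() pattern discussed in this thread, with a check of when strncpy() writes a terminator. The names drop_char and strncpy_terminated, the use of plain malloc in place of objc_atomic_malloc, and the sample string "ab!cd" are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: return a fresh copy of SRC with the single
   character at offset SKIP removed, which is what the quoted code does
   with the character that `type' points at.  Plain malloc stands in
   for objc_atomic_malloc.  */
char *
drop_char (const char *src, size_t skip)
{
  size_t total = strlen (src);
  char *out;

  if (skip >= total)
    return NULL;                /* no character at that offset */
  /* One character is dropped, so TOTAL bytes hold the remaining
     TOTAL - 1 characters plus the terminating NUL.  */
  out = malloc (total);
  if (out == NULL)
    return NULL;
  memcpy (out, src, skip);              /* prefix only, no NUL yet */
  strcpy (out + skip, src + skip + 1);  /* tail; this writes the NUL */
  return out;
}

/* Return 1 if strncpy (buf, SRC, N) put a NUL somewhere in the N bytes
   it wrote, 0 if it did not, -1 if N does not fit the test buffer.  */
int
strncpy_terminated (const char *src, size_t n)
{
  char buf[32];

  if (n > sizeof buf)
    return -1;
  memset (buf, 'X', sizeof buf);        /* stand-in for stale heap data */
  strncpy (buf, src, n);
  return memchr (buf, '\0', n) != NULL;
}

int
main (void)
{
  char *fixed = drop_char ("ab!cd", 2); /* constructed sample input */

  printf ("terminated after strncpy: %d\n", strncpy_terminated ("ab!cd", 2));
  printf ("rewritten: %s\n", fixed ? fixed : "(null)");
  free (fixed);
  return 0;
}
```

When strncpy_terminated returns 0, any following call that scans the destination for a NUL, such as strcat(), reads whatever bytes were already in the buffer.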
 

