[tz] defensive value for define on Solaris causes load of timerule to fail

Jonathan Leffler jonathan.leffler at gmail.com
Mon Jun 12 23:25:56 UTC 2017


Well, if the strcpy/strcat/strcat sequence is safe, the corresponding
sprintf is also safe (and if it wasn't safe, then the code would need to be
fixed anyway).  So it's permissible and safe to use:

    sprintf(lsp->fullname, "%s/%s", p, name);

I was under the impression Paul had just said that using snprintf() was OK
now as it was part of C99 — though he mistyped C99 as C89 in the last email
I saw commenting on the subject.


On Mon, Jun 12, 2017 at 3:41 PM, Brian Inglis <
Brian.Inglis at systematicsw.ab.ca> wrote:

> On 2017-06-12 15:10, Christos Zoulas wrote:
> > On Jun 12, 11:21am, eggert at cs.ucla.edu (Paul Eggert) wrote:
> > -- Subject: Re: [tz] defensive value for define on Solaris causes load
> of tim
> >
> > |               return EINVAL;
> > |             if (sizeof lsp->fullname - 1 <=3D strlen(p) + strlen(name))
> > |               return ENAMETOOLONG;
> > | -           strcpy(fullname, p);
> > | -           strcat(fullname, "/");
> > | -           strcat(fullname, name);
> > | +           strcpy(lsp->fullname, p);
> > | +           strcat(lsp->fullname, "/");
> > | +           strcat(lsp->fullname, name);
> >
> > Why not:
> >
> >       snprintf(lsp->fullname, sizeof(lsp_fullname), "%s/%s", p, name);
> >
> > and remove more code...
> From another post today:
> > /*
> > ** We avoid using snprintf since it's not available on all systems.
> > */
>
> --
> Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada
>



-- 
Jonathan Leffler <jonathan.leffler at gmail.com>  #include <disclaimer.h>
Guardian of DBD::Informix - v2015.1101 - http://dbi.perl.org
"Blessed are we who can laugh at ourselves, for we shall never cease to be
amused."
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/tz/attachments/20170612/f8b5f7c2/attachment.html>


More information about the tz mailing list