Source-Changes archive


Re: CVS commit: src/bin/sh



itojun%iijlab.net@localhost writes:

> >> Module Name:       src
> >> Committed By:      itojun
> >> Date:              Tue Apr 15 07:40:57 UTC 2003
> >> 
> >> Modified Files:
> >>    src/bin/sh: options.c
> >> 
> >> Log Message:
> >> %d is 12 chars, not 10 chars.  hinted by deraadt
> >
> >If security is a concern in this change, please consider doing this in
> >a sustainable way.  int won't break the 32-bit barrier before long,
> >but rest assured it will.
> 
>       hmm, to make sure we need to use asprintf() every place possible.
>       conversion to snprintf() is not enough.

Another, more efficient way to address this is the use of fixed-width
integer types, where appropriate.  However, in this particular case
(pedant's hat on) the use of int is wrong as it is used to hold the
result of a pointer subtraction.


- Klaus
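
The sizing question discussed in this thread, shown as an added example (not code from src/bin/sh or from any poster): the buffer size is derived from the type, so it stays correct if int widens, and the pointer difference is kept in ptrdiff_t. DEC_BUFSZ, fmt_int and fmt_offset are hypothetical names, and the sample string is constructed.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* Upper bound on the chars needed to print any value of a signed integer
 * type in decimal: digits + sign + NUL. 30103/100000 is slightly above
 * log10(2), so value_bits * 30103 / 100000 + 1 never undercounts digits.
 * Padding bits (if any) only make the bound larger. */
#define DEC_BUFSZ(type) \
    ((sizeof(type) * CHAR_BIT - 1) * 30103 / 100000 + 1 + 1 + 1)

/* Format an int; report truncation instead of silently accepting it. */
static int fmt_int(char *buf, size_t len, int v)
{
    int n = snprintf(buf, len, "%d", v);
    return (n < 0 || (size_t)n >= len) ? -1 : n;   /* -1: error or truncated */
}

/* A pointer difference stays in ptrdiff_t and is printed with %td. */
static int fmt_offset(char *buf, size_t len, const char *base, const char *p)
{
    ptrdiff_t off = p - base;
    int n = snprintf(buf, len, "%td", off);
    return (n < 0 || (size_t)n >= len) ? -1 : n;
}

int main(void)
{
    char small[10];                       /* the "10 chars" assumption */
    char ibuf[DEC_BUFSZ(int)];            /* 12 where int is 32 bits */
    char obuf[DEC_BUFSZ(ptrdiff_t)];
    const char *argline = "sh -c true";   /* constructed sample string */

    printf("DEC_BUFSZ(int) = %zu\n", sizeof ibuf);
    printf("10-byte buffer: %d\n", fmt_int(small, sizeof small, INT_MIN));
    printf("sized buffer:   %d\n", fmt_int(ibuf, sizeof ibuf, INT_MIN));
    printf("value: %s\n", ibuf);
    if (fmt_offset(obuf, sizeof obuf, argline, argline + 6) > 0)
        printf("offset: %s\n", obuf);
    return 0;
}
```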


