Summary: ASTERISK-05375: [patch] no more strcpy in channels/*.c
Reporter: BJ Weschke (bweschke) | Labels:
Date Opened: 2005-10-27 00:01:01 | Date Closed: 2011-06-07 14:10:18
Priority: Minor | Regression?: No
Status: Closed/Complete | Components: Core/General
Versions: | Frequency of Occurrence:
Related Issues:
Environment: | Attachments: (0) channels.ast_copy_string.patch
Description: patch to replace all strcpy's with ast_copy_string as appropriate for the remainder of occurrences that still exist in current CVS-HEAD in channels/*.c
Comments:

By: Russell Bryant (russell) 2005-10-27 00:12:53
Some of the calls to strcpy are intentional. Since it is not a length limited copy, it is more efficient than ast_copy_string. This is safe to do when copying a known string into a buffer that we allocated so we *know* it's big enough.

By: BJ Weschke (bweschke) 2005-10-27 06:56:40
I can appreciate what you're saying here, but how do we translate that into something to put into the CODING-GUIDELINES that developers then adhere to? Do we say something to the effect of "Use ast_copy_string(...) instead of strcpy or strncpy when not using a constant as your src"? If we can agree to something like that, I'll redo the patch for only the matching instances.

By: Tilghman Lesher (tilghman) 2005-10-27 09:15:24
We use ast_copy_string as a substitute for strncpy, when the input is of unknown (or not premeasured) length. Premeasured example:

    baz = alloca(strlen(foo) + strlen(bar) + 2);
    strcpy(baz, foo);
    strcat(baz, "/");
    strcat(baz, bar);

We don't need to do bounds checking because we've already sized the buffer appropriately for the input. Basically, the rule of thumb is, "if it makes it faster (without removing a needed bounds check) or adds a _needed_ bounds check, do it, otherwise don't."

By: Clod Patry (junky) 2005-10-27 10:14:10
Quick note, try to specify the date too. We have a field for that, that would be great if we all use it.
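The two cases distinguished in the comments above, as an added example that is not part of the original thread and is not Asterisk's code. `join_premeasured` and `bounded_copy` are hypothetical names; `bounded_copy` is a stand-in for a length-limited copy that always NUL-terminates, and `malloc` replaces the thread's `alloca` so the result can be returned.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for a length-limited copy (not Asterisk's code):
 * copies at most size-1 bytes and always NUL-terminates dst.
 * Returns 1 if src was truncated, 0 if it fit. */
static int bounded_copy(char *dst, const char *src, size_t size)
{
    size_t n;

    if (size == 0)
        return 1;              /* no room even for the terminator */
    n = strlen(src);
    if (n >= size) {
        memcpy(dst, src, size - 1);
        dst[size - 1] = '\0';
        return 1;
    }
    memcpy(dst, src, n + 1);   /* includes the terminator */
    return 0;
}

/* Premeasured case from the thread: the buffer is sized from the same
 * strings that are copied into it, so strcpy/strcat cannot overrun it.
 * malloc replaces alloca here so the result can be returned.
 * Caller frees; returns NULL on allocation failure. */
static char *join_premeasured(const char *foo, const char *bar)
{
    char *baz = malloc(strlen(foo) + strlen(bar) + 2); /* '/' + NUL */

    if (!baz)
        return NULL;
    strcpy(baz, foo);
    strcat(baz, "/");
    strcat(baz, bar);
    return baz;
}

int main(void)
{
    char name[8];   /* fixed-size destination, input length not measured */
    char *path = join_premeasured("SIP", "alice");
    int cut = bounded_copy(name, "constructed-long-peer-name", sizeof(name));

    printf("%s\n%s (truncated=%d)\n", path ? path : "(null)", name, cut);
    free(path);
    return 0;
}
```

The unbounded calls are safe only while the allocation and the copies read the same, unchanged strings; a fixed-size destination such as `name` needs the bounded form, and the return value tells the caller when truncation happened.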