Summary:ASTERISK-05375: [patch] no more strcpy in channels/*.c
Reporter:BJ Weschke (bweschke)Labels:
Date Opened:2005-10-27 00:01:01Date Closed:2011-06-07 14:10:18
Versions:Frequency of
Environment:Attachments:( 0) channels.ast_copy_string.patch
Description: patch to replace all strcpy's with ast_copy_string as appropriate for the remainder of occurrences that still exist in current CVS-HEAD in channels/*.c
Comments:By: Russell Bryant (russell) 2005-10-27 00:12:53

Some of the calls to strcpy are intentional.  Since it is not a length limited copy, it is more efficient than ast_copy_string.  This is safe to do when copying a known string into a buffer that we allocated so we *know* it's big enough.

By: BJ Weschke (bweschke) 2005-10-27 06:56:40

I can appreciate what you're saying here, but how do we translate that into something to put into the CODING-GUIDELINES that developers than adhere to? Do we say something to the affect of "Use ast_copy_string(...) instead of strcpy or strncpy when not using a constant as your src" ? If we can agree to something like that, I'll redo the patch for only the matching instances.

By: Tilghman Lesher (tilghman) 2005-10-27 09:15:24

We use ast_copy_string as a substitute for strncpy, when the input is of unknown (or not premeasured) length.

Premeasured example:
baz = alloca(strlen(foo) + strlen(bar) + 2);
strcpy(baz, foo);
strcat(baz, "/");
strcat(baz, bar);

We don't need to do bounds checking because we've already sized the buffer appropriately for the input.

Basically, the rule of thumb is, "if it makes it faster (without removing a needed bounds check) or adds a _needed_ bounds check, do it, otherwise don't."

By: Clod Patry (junky) 2005-10-27 10:14:10

Quick note, try to specify the date too.
We have a field for that, that would be great if we all use it.