diff options
| author |   Marcelo Tosatti <mtosatti@redhat.com> | 2012-10-11 05:19:58 -0300 |
|---|---|---|
| committer | Marcelo Tosatti <mtosatti@redhat.com> | 2012-10-11 05:19:58 -0300 |
| commit | caaef9b163a4696f686d91f9f2767e9c6ab446d6 (patch) | |
| tree | 33acd5bd1bc8c34ffe36af2a7ab160018d80250f /HACKING | |
| parent | 487a26af87644923656e98a40f7801ec2f459b14 (diff) | |
| parent | c9159fe9aa9abe24115ea4d16127179e9cb07e22 (diff) | |
Merge commit 'c9159fe9aa9abe24115ea4d16127179e9cb07e22' into upstream-merge
* commit 'c9159fe9aa9abe24115ea4d16127179e9cb07e22': (83 commits)
Remove libhw
rtc: implement century byte
rtc: map CMOS index 0x37 to 0x32 on read and writes
rtc: fix overflow in mktimegm
qtest: implement QTEST_STOP
qemu-barrier: Fix compiler version check for future gcc versions
doc: update HACKING wrt strncpy/pstrcpy
hw/r2d: add comment: this strncpy use is ok
qcow2: mark this file's sole strncpy use as justified
acpi: remove strzcpy (strncpy-identical) function; just use strncpy
libcacard/vcard_emul_nss: use pstrcpy in place of strncpy
qemu-ga: prefer pstrcpy: consistently NUL-terminate ifreq.ifr_name
vscsi: avoid unwarranted strncpy
virtio-9p: avoid unwarranted uses of strncpy
bt: replace fragile snprintf use and unwarranted strncpy
ui/vnc: simplify and avoid strncpy
linux-user: remove two unchecked uses of strdup
ppc: avoid buffer overrun: use pstrcpy, not strncpy
os-posix: avoid buffer overrun
lm32: avoid buffer overrun
...
Conflicts:
hw/Makefile.objs
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Diffstat (limited to 'HACKING')
| -rw-r--r-- | HACKING | 9 |
1 files changed, 5 insertions, 4 deletions
@@ -91,10 +91,11 @@ emulators. 4. String manipulation -Do not use the strncpy function. According to the man page, it does -*not* guarantee a NULL-terminated buffer, which makes it extremely dangerous -to use. Instead, use functionally equivalent function: -void pstrcpy(char *buf, int buf_size, const char *str) +Do not use the strncpy function. As mentioned in the man page, it does *not* +guarantee a NULL-terminated buffer, which makes it extremely dangerous to use. +It also zeros trailing destination bytes out to the specified length. Instead, +use this similar function when possible, but note its different signature: +void pstrcpy(char *dest, int dest_buf_size, const char *src) Don't use strcat because it can't check for buffer overflows, but: char *pstrcat(char *buf, int buf_size, const char *s) |