l.lunak at suse.cz
Thu Dec 19 18:04:59 GMT 2002
On Thursday 19 of December 2002 18:33, Andrew Stanley-Jones wrote:
> This was CC'ed to core devel a few days ago, so I thought I might as well
> follow up. While my first patch was wrong, but this brings up a very old
> topic, and maybe it could refresh some memories.
> The change to the code (strncpy->strlcpy) was simple and even though it
> "should not" do anything bad, broke the entire program making it useless.*
> Since the change was made by someone who did not attempt to understand the
> code, and then never tested the problem wasn't found till much later. I
> fixed head since I ran accross it.
> Yesterday while on irc on #kde-devel a little message poped up, "anyone
> tried kSirc in 3.1 branch recently?" Client was completly broken. Again a
> simple fix, and we got it good and early so no harm done.
> But it really bugs me when changes are done and not tested. I understand
> that when changing lots of code all over the place it would be very time
> consuming, but especially in stable branches how else do you know it was
> good? If you don't understand the code/or are unwilling to test it maybe
> email the maintainer?
> I don't mean to bash on anyone, and their efforts are excelent, but I just
> want to use this oportunity to offer a friendly reminder.
> *: the strings being copied were not supposed to be null terminated, and
> were being moved around using string+length. The addition of the null at
> the end caused all strings being sent by the client to be corrupt.
If changing the code from strncpy to strlcpy broke anything, then the code
was already "broken" before - how the hell is one supposed to know that this
or that strncpy wasn't actually meant to be strncpy?
SuSE CR, s.r.o. e-mail: l.lunak at suse.cz , l.lunak at kde.org
Drahobejlova 27 tel: +420 2 9654 2373
190 00 Praha 9 fax: +420 2 9654 2374
Czech Republic http://www.suse.cz/
More information about the kde-core-devel