Subject: Re: server bind failure 48: Address already in use
To: Caffeinate The World <mochaexpress@yahoo.com>
From: Roland Dowdeswell <elric@imrryr.org>
List: current-users
Date: 04/05/2003 14:01:19
On 1049566521 seconds since the Beginning of the UNIX epoch
Caffeinate The World wrote:
>
>> > /* defensive programming */
>> > sprintf(txt,"Chat server bind failure %d: %s\n",errno,
>> > sys_errlist[errno]);
>>
>> Some people will never understand...
>
>Hi Christian,
He is probably refering to the potential of overflowing the buffer
txt there. It would be wise to use snprintf(3) or if you are on
a modern unix asprintf(3) rather than sprintf(3). Also, using
sys_errlist is generally avoided by using strerror(3).
So, something like:
char *buf;
asprintf(&buf, "Chat server bind failure %d: %s\n", errno,
strerror(errno));
if (buf) {
util_printf(buf);
free(buf);
}
return -2;
Would probably be more safe. If you need to avoid asprintf(3) which is
a slightly new libc function and so may not be available on all the
platforms about which you care then you can use snprintf(3):
snprintf(buf, sizeof(buf), ...)
And that will truncate the snprintf at the end of the buffer. Note that
the sizeof(buf) only works if it is declared as an array:
char buf[1024];
because sizeof() is a compile-time construct.
Of course, depending on what util_printf() does it may be safer to
just use fprintf(3) there.
Hope that helps,
--
Roland Dowdeswell http://www.Imrryr.ORG/~elric/