Source-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: CVS commit: src/bin/sh
itojun%iijlab.net@localhost writes:
> >> Module Name: src
> >> Committed By: itojun
> >> Date: Tue Apr 15 07:40:57 UTC 2003
> >>
> >> Modified Files:
> >> src/bin/sh: options.c
> >>
> >> Log Message:
> >> %d is 12 chars, not 10 chars. hinted by deraadt
> >
> >If security is a concern in this change, please consider doing this in
> >a sustainable way. int won't break the 32-bit barrier before long,
> >but rest assured it will.
>
> hmm, to make sure we need to use asprintf() every place possible.
> conversion to snprintf() is not enough.
Another, more efficient way to address this is the use of fixed-width
integer types, where appropriate. However, in this particular case
(pedant's hat on) the use of int is wrong as it is used to hold the
result of a pointer subtraction.
- Klaus
Home |
Main Index |
Thread Index |
Old Index