On 6/18/21 8:32 AM, Gavin Smith wrote:
If we were going to mess about with this code it would be better to rewrite it to use neither strncat not strcat.
Indeed - the code is sufficiently complex that I could not be sure there is no buffer overflow, for example. Are we guaranteed that the 'description' is at least two bytes shorter (to make room for final newline plus final null) than strlen(entry) ? Probably, but there is no comment explaining why, and you'd have to look caefully to make sure there no case that could risk overflow. -- --Per Bothner p...@bothner.com http://per.bothner.com/