Hi Evan,

On 03/31/09 22:52, Evan Layton wrote:
> jan damborsky wrote:
>> Hi Evan,
>>
>> please see my response in line.
>>
>> Thank you,
>> Jan
>>
>>
>> On 03/31/09 01:23, Evan Layton wrote:
>>> jan damborsky wrote:
>>>> ai_utils.c
>>>> ----------
>>>> 52 - since ssize_t is not a pointer, I might recommend to
>>>> return 0 instead of NULL in case of failure.
>>>>
>>>> 61-62 - is this check valid ? Looking at the scf_limit man page,
>>>> it is not specified that 0 is invalid value.
>>>
>>> Yes this is a valid check. If scf_limit fails it returns -1 which is what
>>> we're checking for. However the comment is incorrect and should
>>> state that if scf_limit fails we return MAXPATHLEN.
>>
>> Is it safe to return MAXPATHLEN in case of failure ? Is it
>> assured that buffer overflow can't happen e.g. on lines
>> 293, 501 ?
>> I think that if scf_limit() fails, something is really broken
>> and it might be safer not to proceed further.
>
> I see what you're referring to. I've removed the function
> ai_get_scf_limit() in favor of just calling scf_limit and if it
> returns -1 we now return an error.

Yes, this is what I had in my mind.
I am sorry about the confusion.
Thank you for modifying this !

Jan
