On Sun, 10 Dec 2006 17:39:58 +0100 aji <[EMAIL PROTECTED]> babbled: > Hello, > > I found L244 in e17/libs/ecore/src/lib/ecore/ecore_path.c > (ecore_path_group_available) a strdup with a non null-terminated string. > The cause is L239: "strncpy(n, d->d_name, l - 2);" (so > ecore_list_append(avail, strdup(n)); is wrong). > > I propose a little patch (it sets '\0' and respects PATH_MAX). > > Perhaps that the cvs version preserves the extension's dot (exemple "been.so" > -> "been." ), but I don't understand why so I didn't preserve this one in my > patch.
actually that code is just wrong. if it is listing available files (except dot files and .so libs) why on earth is it nuking 2 chars off the end of the end of filenames? this will be bad for filenames 2 chars or less in size (i smell a segv here), you are right - it doesnt nul-terminate the names, andmore. not sure why 'n' is even needed. fixed in cvs. -- ------------- Codito, ergo sum - "I code, therefore I am" -------------- The Rasterman (Carsten Haitzler) [EMAIL PROTECTED] 裸好多 Tokyo, Japan (東京 日本) ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ enlightenment-devel mailing list enlightenment-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/enlightenment-devel
