On Tue, Mar 05, 2024 at 08:06:10PM -0800, Jerry D wrote:
> On 3/5/24 1:51 PM, Harald Anlauf wrote:
> > Hi Jerry,
> >
> > on further thought, do we sanitize 'child_iomsg'?
> > We pass it to snprintf as format.
> >
> > Wouldn't a strncpy be sufficient?
> >
> > Harald
> >
> >
>
> Just to be safe I will bump char message[IOMSG_LEN] to char
> message[IOMSG_LEN + 1]
>
> This is like a C string vs a Fortran string length situation. snprintf
> guarantees we don't exceed the child_iomsg_len and null terminates it.
>
> I added 1 to:
> child_iomsg_len = string_len_trim (IOMSG_LEN, child_iomsg) + 1
>
string_len_trim substracts 1 from the passed in argument.
gfc_charlen_type
string_len_trim (gfc_charlen_type len, const CHARTYPE *s)
{
if (len <= 0)
return 0;
const size_t long_len = sizeof (unsigned long);
size_t i = len - 1;
Does this account for the NULL?
--
steve
