Re: [Flightgear-devel] a FIXME in fg_props.cxx
* [EMAIL PROTECTED] (Gene Buckle) [2003.11.12 10:35]: code: static const char * getDateString () { static char buf[64]; // FIXME struct tm * t = globals-get_time_params()-getGmt(); sprintf(buf, %.4d-%.2d-%.2dT%.2d:%.2d:%.2d, t-tm_year + 1900, t-tm_mon + 1, t-tm_mday, t-tm_hour, t-tm_min, t-tm_sec); return buf; } Why the FIXME in the declaration of buf? Is there a better way of doing that? Is there a buffer overrun concern or something? We should at least be using snprintf() here. So what makes snprintf() a better choice than sprintf()? snprintf(buf, buflen, format, ...) will not write more than buflen characters (including the trailing '\0') - this protects you against a possible buffer overflow . . . It probably isn't necessary in this case, but it's a Good Habit To Get Into(tm). Thanks Simon. g. ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] a FIXME in fg_props.cxx
* [EMAIL PROTECTED] (Gene Buckle) [2003.11.12 10:35]: code: static const char * getDateString () { static char buf[64]; // FIXME struct tm * t = globals-get_time_params()-getGmt(); sprintf(buf, %.4d-%.2d-%.2dT%.2d:%.2d:%.2d, t-tm_year + 1900, t-tm_mon + 1, t-tm_mday, t-tm_hour, t-tm_min, t-tm_sec); return buf; } Why the FIXME in the declaration of buf? Is there a better way of doing that? Is there a buffer overrun concern or something? We should at least be using snprintf() here. Pardon me while I gripe a moment. It's usually a good idea to put a description next to a FIXME comment for precisely this reason. It would be a great help to people who are looking for something to do. It's also usually a good idea to keep a constant CVS repository so we can go back and see who added this code and if they said anything in the cvs-commit message about what is broken. All of the CVS history prior to Flightgear-0.9.0 is gone. :-/ gripe_mode=0; -- Cameron Moore [ I'm ashamed the lead singer of the Dixie Chicks is from Texas. ] ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] a FIXME in fg_props.cxx
On Wed, 12 Nov 2003, Cameron Moore wrote: * [EMAIL PROTECTED] (Gene Buckle) [2003.11.12 10:35]: code: static const char * getDateString () { static char buf[64]; // FIXME struct tm * t = globals-get_time_params()-getGmt(); sprintf(buf, %.4d-%.2d-%.2dT%.2d:%.2d:%.2d, t-tm_year + 1900, t-tm_mon + 1, t-tm_mday, t-tm_hour, t-tm_min, t-tm_sec); return buf; } Why the FIXME in the declaration of buf? Is there a better way of doing that? Is there a buffer overrun concern or something? We should at least be using snprintf() here. So what makes snprintf() a better choice than sprintf()? g. ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] a FIXME in fg_props.cxx
On Wed, Nov 12, 2003 at 09:54:34PM -0800, Gene Buckle wrote: On Wed, 12 Nov 2003, Cameron Moore wrote: * [EMAIL PROTECTED] (Gene Buckle) [2003.11.12 10:35]: code: static const char * getDateString () { static char buf[64]; // FIXME struct tm * t = globals-get_time_params()-getGmt(); sprintf(buf, %.4d-%.2d-%.2dT%.2d:%.2d:%.2d, t-tm_year + 1900, t-tm_mon + 1, t-tm_mday, t-tm_hour, t-tm_min, t-tm_sec); return buf; } Why the FIXME in the declaration of buf? Is there a better way of doing that? Is there a buffer overrun concern or something? We should at least be using snprintf() here. So what makes snprintf() a better choice than sprintf()? snprintf(buf, buflen, format, ...) will not write more than buflen characters (including the trailing '\0') - this protects you against a possible buffer overflow . . . It probably isn't necessary in this case, but it's a Good Habit To Get Into(tm). Simon -- PGP public key Id 0x144A991C, or http://himi.org/stuff/himi.asc (crappy) Homepage: http://himi.org doe #237 (see http://www.lemuria.org/DeCSS) My DeCSS mirror: ftp://himi.org/pub/mirrors/css/ pgp0.pgp Description: PGP signature ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] a FIXME in fg_props.cxx
On Thursday 13 November 2003 06:54, Gene Buckle wrote: On Wed, 12 Nov 2003, Cameron Moore wrote: * [EMAIL PROTECTED] (Gene Buckle) [2003.11.12 10:35]: static const char * getDateString () { static char buf[64]; // FIXME struct tm * t = globals-get_time_params()-getGmt(); sprintf(buf, %.4d-%.2d-%.2dT%.2d:%.2d:%.2d, t-tm_year + 1900, t-tm_mon + 1, t-tm_mday, t-tm_hour, t-tm_min, t-tm_sec); return buf; } We should at least be using snprintf() here. So what makes snprintf() a better choice than sprintf()? With snprintf, you can make sure buf will never overflow. Though I guess it's impossible to overflow buf with the format-string that's used now. --Ivo ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel