> > Unfortunately, I got the strncat() stuff wrong. Fortunately, 99% of the data > handling routines do not use bstrncat(), and where bstrncat() is used, most > don't risk overflow. >
Have you ever run a code verifier over the bacula source code? I just ran Microsoft's PREfast (static code verifier) tool over my Windows drivers for Xen, and one of the errors it identified was: (PFD)Misuse of length parameter in call to 'strncat'. Pass the number of remaining characters, not the buffer size of 'tmp_path'. I guess I made the same mistake too :) James ------------------------------------------------------------------------------ Return on Information: Google Enterprise Search pays you back Get the facts. http://p.sf.net/sfu/google-dev2dev _______________________________________________ Bacula-devel mailing list Bacula-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-devel
