On 05.01.2011 10:20, Yegor Yefremov wrote:
> fixes the amount of allocated memory for ttypath, so that
> there is place for '\0'
>
> Signed-off-by: Yegor Yefremov <[email protected]>
>
> Index: b/can-utils/slcand.c
> ===================================================================
> --- a/can-utils/slcand.c 2011-01-05 10:13:25.000000000 +0100
> +++ b/can-utils/slcand.c 2011-01-05 10:13:35.000000000 +0100
> @@ -235,7 +235,7 @@
> if (pch == tty) {
> print_usage(argv[0]);
> }
> - ttypath = malloc((strlen(devprefix) + strlen(tty)) * sizeof(char));
> + ttypath = malloc((strlen(devprefix) + strlen(tty)) + sizeof(char));
Won't
ttypath = malloc(strlen(devprefix) + strlen(tty) + 1);
be more clearly here? Maybe with some comment about the trailing '\0' ??
And what about line 103:
pidfile = malloc((strlen(pidprefix) +strlen(DAEMON_NAME) + strlen(tty) +
strlen(pidsuffix) + 1) * sizeof(char));
Is this the same issue to be fixed?
I wonder if you can avoid malloc() in both of these cases and use static char
buffers for that. AFAICS you can determine all of the given lengths easily and
the length of the ttyname could (and should!) be limited to e.g. 32 when
checking the commandline parameters.
Regards,
Oliver
_______________________________________________
Socketcan-core mailing list
[email protected]
https://lists.berlios.de/mailman/listinfo/socketcan-core
