This is the mail archive of the cygwin-patches@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Part 2 of Fixing a security hole in mount table.


Corinna Vinschen wrote:
> 
> Looks good to me, except for:
> 
> > -  char name[UNLEN + 1] = "";
> > +  char name[UNLEN > 127 ? UNLEN + 1 : 128] = "";
> 
> Huh?  Why that?  UNLEN is defined as 256 in lmcons.h so I don't understand
> the reasoning behind that complexity.
> 
Just being paranoid. "name" can either contain a user name
(length UNLEN + 1) or a sid (length 128). 
This construction costs nothing (the compiler does the work),
saves me from having to look up the .h file, and protects us
against possible header file changes.

Pierre


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]