emacs-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Let's tell we are using GTK+


From: Betoes
Subject: Re: Let's tell we are using GTK+
Date: Wed, 20 Aug 2003 15:24:18 -0300
User-agent: Mutt/1.3.28i

On Tue, Aug 19, 2003 at 11:46:21AM +0200, Lute Kamstra wrote:
> Terje Rosten <address@hidden> writes:
> 
> > * Lute Kamstra
> > | 
> > | Maybe the GTK version should be mentioned as well.
> >
> > Updated patches with version information and the (annoying?) +
> > sign removed. emacs-version will now display something like this:
> >
> >  GNU Emacs 21.3.50.1 (i686-pc-linux-gnu, GTK+ 2.2.1) of 2003-08-04 on 
> >  myhost.net
> 
> I like it, but...
> 
> [...]
> 
> > +  {
> > +    char gtk_version[8];
> > +    sprintf (gtk_version, "%d.%d.%d", GTK_MAJOR_VERSION, GTK_MINOR_VERSION,
> > +        GTK_MICRO_VERSION);
> > +    Vgtk_version_string = build_string (gtk_version);
> > +  }
> 
> this seems vulnerable to a buffer overflow.  It is acceptable to use
> snprintf instead, or isn't that portable enough?  (I'm not really
> intimate with C.)  What could be used instead, a larger string?

I believe, asprintf would be better, but I don't know about portability...

{
  char * gtk_version;
  asprintf (&gtk_version, "%d.%d.%d", GTK_MAJOR_VERSION, GTK_MINOR_VERSION,
          GTK_MICRO_VERSION);
  Vgtk_version_string = build_string (gtk_version);
  free(gtk_version);
}




reply via email to

[Prev in Thread] Current Thread [Next in Thread]