qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH] security_20040618

From: Tim
Subject: Re: [Qemu-devel] [PATCH] security_20040618
Date: Sat, 19 Jun 2004 09:01:34 -0700
User-agent: Mutt/1.5.6+20040523i 
> Thank you for the fixes.

np.

> For malloc() returning NULL, if your patch just says "malloc error", I 
> don't consider it is a good fix.

Yeah, I figured it would be very context specific for these.  In
low-level functions, you'd just want to return an error value (that
would need to be checked as well) and at higher-level stuff, perhaps
you'd just bail out, and clean up before killing the process.

For now, I will leave my patch as it stands in this respect.  It doesn't
implement a single NULL check for {m,re}alloc, it merely adds TODO
comments.  Later on, after I address some other things, perhaps I will
come back and attack these with a different patch.

> I see that you added many snprintf(). I don't like that because 
> pstrcpy() does exactly the right thing and it is faster and simpler.

There were some cases where I switched sprintf() with snprintf().  For
those, I figure they should stay that way.  For the strcpy() ->
snprintf() changes, yes, I agree that your pstrcpy() is faster.  I'll
review those and change them where I can.  However, pstrcpy() may not be
available via includes to every file, so I'll probably let the
snprintf() stand if I run into that problem.

Were you able to look at my proposed changes to pstrcpy()?  What do you
think of them?

Thanks for the feedback!
tim
reply via email to
[Prev in Thread] Current Thread [Next in Thread]