freetype-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ft-devel] Bug in ft_mem_strcpyn

From: James Cloos
Subject: [ft-devel] Bug in ft_mem_strcpyn
Date: Thu, 08 Mar 2007 05:24:04 -0500
User-agent: Gnus/5.110006 (No Gnus v0.6) Emacs/23.0.0 (gnu/linux) 
While further debugging the error in fontconfig I wrote about earlier,
I discovered that freetype's ft_mem_strcpyn() seems to have a bug:

It looks like:

,----(freetype2/src/base/ftutil.c)
| FT_BASE_DEF( FT_Int )
|   ft_mem_strcpyn( char*        dst,
|                   const char*  src,
|                   FT_ULong     size )
|   {
|     while ( size > 1 && *src != 0 )
|       *dst++ = *src++;
| 
|     *dst = 0;  /* always zero-terminate */
| 
|     return *src != 0;
|   }
`----

and probably is most often called by way of the macro:

,----(freetype2/include/freetype/internal/ftmemory.h)
| #define FT_STRCPYN( dst, src, size ) \
|  ft_mem_strcpyn( (char*)dst, (const char*)(src), (FT_ULong)(size) )
`----

I suspect most users expect the same semantics as strncpy(3), in that
at most size octets are copied.  It seems there needs to be a size--
in that while loop, yes?

-JimC
-- 
James Cloos <address@hidden>         OpenPGP: 1024D/ED7DAEA6
reply via email to
[Prev in Thread] Current Thread [Next in Thread]