August 26th, 2005

My wonderful Meg kitty.

For the love of whatever deity you happen to like....

DO NOT USE sprintf()! NEVER, EVER, EVER, EVER, EVER USE sprintf()! USE snprintf()! It'll protect you from buffer overflows!

Furthermore, do not use uninitialized pointers!

The guy who wrote this code was directed to NOT use malloc for tmpPath, use sprintf() instead of strcat(), and not bother checking for an ending slash.

To this guy's discredit: He didn't initialize his char*'s. He used strcat(), not strncat(). He had no idea why you shouldn't use sprintf() or strcat(). He also pooh-poohed my suggestion to check for an ending slash on getOutDirPath() despite the fact that there's no check for it in the code.

I don't recall exactly, but I think the initialization for envDir was "/tmp" as well. =/


Completely untested, but I suspect that'll work just fine, so long as someone remembers to free(tmpPath) at the end.

1. A check to determine that olen>0 before accessing olen-1
2. I didn't update tmpLen.
3. olen was eliminated in favor of tmpLen.
4. LJ cuts by popular demand.
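
An added example, not the code from this post (which sat behind the cuts): one way to build the path with snprintf(), checking the length before looking at the last character, adding the slash only when it is missing, and treating truncation as an error. The names join_path() and join_path_buf() are hypothetical, and the directory is passed in as a parameter where the original called getOutDirPath().

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: returns a malloc'd "dir/name", adding '/' only when
 * dir lacks a trailing one. NULL on bad input or failure; caller must free(). */
char *join_path(const char *dir, const char *name)
{
    if (dir == NULL || name == NULL)
        return NULL;
    size_t dlen = strlen(dir);
    /* Confirm dlen > 0 before touching dir[dlen - 1]. */
    int need_slash = (dlen > 0 && dir[dlen - 1] != '/');
    size_t total = dlen + (size_t)need_slash + strlen(name) + 1; /* +1 for NUL */
    char *path = malloc(total);
    if (path == NULL)
        return NULL;
    int n = snprintf(path, total, "%s%s%s", dir, need_slash ? "/" : "", name);
    if (n < 0 || (size_t)n >= total) {   /* encoding error or truncation */
        free(path);
        return NULL;
    }
    return path;
}

/* Hypothetical fixed-buffer variant. snprintf() never writes past outsz, but
 * it truncates silently, so the return value has to be checked.
 * Returns 0 on success, -1 if the path did not fit or input was invalid. */
int join_path_buf(char *out, size_t outsz, const char *dir, const char *name)
{
    if (out == NULL || outsz == 0 || dir == NULL || name == NULL)
        return -1;
    size_t dlen = strlen(dir);
    int need_slash = (dlen > 0 && dir[dlen - 1] != '/');
    int n = snprintf(out, outsz, "%s%s%s", dir, need_slash ? "/" : "", name);
    return (n < 0 || (size_t)n >= outsz) ? -1 : 0;
}

int main(void)
{
    /* Constructed sample inputs. */
    char *p = join_path("/tmp", "out.log");
    if (p != NULL) {
        puts(p);
        free(p);
    }
    char small[8];
    if (join_path_buf(small, sizeof small, "/tmp/", "out.log") != 0)
        fputs("path too long for buffer\n", stderr);
    return 0;
}
```

A truncated path is still a valid string, so code that ignores the snprintf() return value will quietly open the wrong file instead of crashing.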