Re: gtk+-1.1.6 report

From: Jeff Garzik <jgarzik pobox com>
To: gtk-devel-list redhat com
Subject: Re: gtk+-1.1.6 report
Date: Wed, 9 Dec 1998 19:20:19 -0500 (EST)

Tim Janik wrote:
> On 9 Dec 1998, Owen Taylor wrote:
> >        sprintf (str, "%s%s", GTK_SYSCONFDIR, "/gtkrc");

> >        gtk_rc_add_default_file (str);
> >  
> >        var = g_get_home_dir ();
> > -      str = g_malloc (strlen(var) + strlen("/.gtkrc"));
> > +      str = g_malloc (strlen(var) + strlen("/.gtkrc") + 1);
> 
> people should really use g_strconcat for such cases,
> it saves a lot of error prone code portions, and is actually
> a lot more convenient.
> 
> >        sprintf (str, "%s%s", var, "/.gtkrc");


And g_snprintf, cuz it's always available and doesn't hurt to be safe.  :)
Even malloc'd strings can overflow sometimes, given the "right" input.

	Jeff

Follow-Ups:
- g_*printf() (Was: gtk+-1.1.6 report)
  - From: Andreas Tille

References:
- Re: gtk+-1.1.6 report
  - From: Tim Janik

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]