diff options
| author | Jeff King <peff@peff.net> | 2017-03-28 15:46:50 -0400 |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2017-03-30 14:59:50 -0700 |
| commit | 5b1ef2cef4ff9d3213ec81465b99affb4a7c8083 (patch) | |
| tree | dca13ceebc0aadd97f91bfcab3299407a10e6523 /bisect.c | |
| parent | 446d5d911214fd3d61921478c98d4a88f84e410c (diff) | |
| download | git-5b1ef2cef4ff9d3213ec81465b99affb4a7c8083.tar.gz | |
replace unchecked snprintf calls with heap buffers
We'd prefer to avoid unchecked snprintf calls because
truncation can lead to unexpected results.
These are all cases where truncation shouldn't ever happen,
because the input to snprintf is fixed in size. That makes
them candidates for xsnprintf(), but it's simpler still to
just use the heap, and then nobody has to wonder if "100" is
big enough.
We'll use xstrfmt() where possible, and a strbuf when we need
the resulting size or to reuse the same buffer in a loop.
Signed-off-by: Jeff King <peff@peff.net>
Diffstat (limited to 'bisect.c')
| -rw-r--r-- | bisect.c | 8 |
1 files changed, 5 insertions, 3 deletions
@@ -200,6 +200,7 @@ static struct commit_list *best_bisection_sorted(struct commit_list *list, int n { struct commit_list *p; struct commit_dist *array = xcalloc(nr, sizeof(*array)); + struct strbuf buf = STRBUF_INIT; int cnt, i; for (p = list, cnt = 0; p; p = p->next) { @@ -217,17 +218,18 @@ static struct commit_list *best_bisection_sorted(struct commit_list *list, int n } QSORT(array, cnt, compare_commit_dist); for (p = list, i = 0; i < cnt; i++) { - char buf[100]; /* enough for dist=%d */ struct object *obj = &(array[i].commit->object); - snprintf(buf, sizeof(buf), "dist=%d", array[i].distance); - add_name_decoration(DECORATION_NONE, buf, obj); + strbuf_reset(&buf); + strbuf_addf(&buf, "dist=%d", array[i].distance); + add_name_decoration(DECORATION_NONE, buf.buf, obj); p->item = array[i].commit; p = p->next; } if (p) p->next = NULL; + strbuf_release(&buf); free(array); return list; } |