On Wed, 5 Jan 2005, Steve Kemp wrote:
> On Wed, Jan 05, 2005 at 10:13:52PM +0200, Pekka Savola wrote:
>> I'd welcome more eyeballs looking at it, correct any mistakes and
>> omissions (if any :).
>
> Looks good, except this bit seems dodgy:
Thanks for looking!
> - memcpy(ptr, CWDG(cwd).cwd, CWDG(cwd).cwd_length);
> - ptr += CWDG(cwd).cwd_length;
> + *ptr++ = '\'';
> + while (dir_length > 0) {
> + switch (*dir) {
> + case '\'':
> + *ptr++ = '\'';
> + *ptr++ = '\\';
> + *ptr++ = '\'';
> + /* fall-through */
>
>
> Is ptr going to be big enough? For every ' character it's incremented
> several times.
>
> This may become clear when more context is present, but it's the
> only thing that I'd be wanting to look more closely at.
Good question. The code fragment comes from 4.3.10.. [*] So, if you
assume the php developers thought that through, and nothing big has
changed between 4.1.2 and 4.3.8 (the patch applies as is) it should be
OK (that's good enough for me :). If not..
--
Pekka Savola "You each name yourselves king, yet the
Netcore Oy kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
Hi,
On Wed, 5 Jan 2005, Steve Kemp wrote:
> On Wed, Jan 05, 2005 at 10:13:52PM +0200, Pekka Savola wrote:
>> I'd welcome more eyeballs looking at it, correct any mistakes and
>> omissions (if any :).
>
> Looks good, except this bit seems dodgy:
Thanks for looking!
> - memcpy(ptr, CWDG(cwd).cwd, CWDG(cwd) .cwd_length) ; .cwd_length;
> - ptr += CWDG(cwd)
> + *ptr++ = '\'';
> + while (dir_length > 0) {
> + switch (*dir) {
> + case '\'':
> + *ptr++ = '\'';
> + *ptr++ = '\\';
> + *ptr++ = '\'';
> + /* fall-through */
>
>
> Is ptr going to be big enough? For every ' character it's incremented
> several times.
>
> This may become clear when more context is present, but it's the
> only thing that I'd be wanting to look more closely at.
Good question. The code fragment comes from 4.3.10.. [*] So, if you
assume the php developers thought that through, and nothing big has
changed between 4.1.2 and 4.3.8 (the patch applies as is) it should be
OK (that's good enough for me :). If not..
[*] among others, cvs.php. net/diff. php/TSRM/ tsrm_virtual_ cwd.c?r1= 1.41.2. 7&r2=1. 41.2.8& ty=u
http://
--
Pekka Savola "You each name yourselves king, yet the
Netcore Oy kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings