From: Jakub Narebski <jnareb@gmail.com>
To: git@vger.kernel.org
Subject: Re: [PATCH] Improved error messages when temporary file creation fails
Date: Wed, 08 Dec 2010 00:56:39 +0100 [thread overview]
Message-ID: <idmhjl$n1j$1@dough.gmane.org> (raw)
In-Reply-To: 20101207212041.GG25767@bzzt.net
Arnout Engelen wrote:
> On Tue, Dec 07, 2010 at 12:56:17PM -0800, Junio C Hamano wrote:
>>> + char origtemplate[255];
>>> + strlcpy(origtemplate, template, 255);
>>
>> Why "255"?
>
> Random - 'i had to choose something'.
>
>> It may happen to be sufficiently large for the current callers, but what
>> provisions if any are made to help the compiler or the runtime protect us
>> from new and broken callers? Use of strlcpy() there hides the issue from
>> the runtime by avoiding segfault, but it actively harms us by making the
>> code silently behave incorrectly without segfaulting, no?
>
> Only in a small way: when a bigger template is encountered and the mkstemp
> call succeeds, there is no problem. Only when xmkstemp fails *and* clears the
> template, the diagnostic error message shows a truncated version of the
> original.
>
> I *could* dynamically allocate space for the original template string, but that
> would mean I'd need to do a malloc() instead of putting the buffer on the stack
> like this, and free() it afterwards. I'm not too concerned about the
> performance hit here (presumably the I/O that comes with creating and using
> the temporary file here is orders of magnitude slower than that malloc()
> anyway), but it would also make the code a bit less easy to read.
>
> What do you think would be preferable here, a simple fixed-length buffer on the
> stack that might cause a truncated error message or a dynamically-allocated
> one that makes the code somewhat more complicated?
Why not use PATH_MAX instead of 255?
P.S. I'm sory for cutting up CC list...
--
Jakub Narebski
Warsaw, Poland
ShadeHawk on #git
next prev parent reply other threads:[~2010-12-07 23:57 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-12-07 18:16 [PATCH] Improved error messages when temporary file creation fails Arnout Engelen
2010-12-07 19:09 ` Jonathan Nieder
2010-12-07 20:56 ` Junio C Hamano
2010-12-07 21:20 ` Arnout Engelen
2010-12-07 23:56 ` Jakub Narebski [this message]
2010-12-08 0:12 ` Jonathan Nieder
2010-12-08 2:01 ` Junio C Hamano
2010-12-18 16:55 ` Arnout Engelen
2010-12-18 20:05 ` Jonathan Nieder
2010-12-18 20:47 ` Junio C Hamano
2010-12-18 20:47 ` Junio C Hamano
2010-12-18 21:28 ` Arnout Engelen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='idmhjl$n1j$1@dough.gmane.org' \
--to=jnareb@gmail.com \
--cc=git@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).