* [Qemu-devel] [PATCH 4/5] HACKING: add string management rules
@ 2010-08-15 17:50 Blue Swirl
0 siblings, 0 replies; 2+ messages in thread
From: Blue Swirl @ 2010-08-15 17:50 UTC (permalink / raw)
To: qemu-devel
Add string management rules, somewhat like libvirt HACKING.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
---
HACKING | 24 ++++++++++++++++++++++++
1 files changed, 24 insertions(+), 0 deletions(-)
diff --git a/HACKING b/HACKING
index e0342df..54bd2fd 100644
--- a/HACKING
+++ b/HACKING
@@ -79,3 +79,27 @@ qemu_vmalloc/qemu_memalign/qemu_vfree APIs.
Memory allocated by qemu_vmalloc or qemu_memalign must be freed with
qemu_vfree, since breaking this will cause problems on Win32 and user
emulators.
+
+4. String manipulation
+
+Do not use the strncpy function. According to the man page, it does
+*not* guarantee a NULL-terminated buffer, which makes it extremely dangerous
+to use. Instead, use functionally equivalent function:
+void pstrcpy(char *buf, int buf_size, const char *str)
+
+Don't use strcat because it can't check for buffer overflows, but:
+char *pstrcat(char *buf, int buf_size, const char *s)
+
+The same limitation exists with sprintf and vsprintf, so use snprintf and
+vsnprintf.
+
+QEMU provides other useful string functions:
+int strstart(const char *str, const char *val, const char **ptr)
+int stristart(const char *str, const char *val, const char **ptr)
+int qemu_strnlen(const char *s, int max_len)
+
+There are also replacement character processing macros for isxyz and toxyz,
+so instead of e.g. isalnum you should use qemu_isalnum.
+
+Because of the memory management rules, you must use qemu_strdup/qemu_strndup
+instead of plain strdup/strndup.
--
1.6.2.4
^ permalink raw reply related [flat|nested] 2+ messages in thread
* [Qemu-devel] [PATCH 4/5] HACKING: add string management rules
@ 2010-08-26 18:38 Blue Swirl
0 siblings, 0 replies; 2+ messages in thread
From: Blue Swirl @ 2010-08-26 18:38 UTC (permalink / raw)
To: qemu-devel
Add string management rules, somewhat like libvirt HACKING.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
---
HACKING | 24 ++++++++++++++++++++++++
1 files changed, 24 insertions(+), 0 deletions(-)
diff --git a/HACKING b/HACKING
index 554009e..a3d714f 100644
--- a/HACKING
+++ b/HACKING
@@ -83,3 +83,27 @@ qemu_vmalloc/qemu_memalign/qemu_vfree APIs.
Memory allocated by qemu_vmalloc or qemu_memalign must be freed with
qemu_vfree, since breaking this will cause problems on Win32 and user
emulators.
+
+4. String manipulation
+
+Do not use the strncpy function. According to the man page, it does
+*not* guarantee a NULL-terminated buffer, which makes it extremely dangerous
+to use. Instead, use functionally equivalent function:
+void pstrcpy(char *buf, int buf_size, const char *str)
+
+Don't use strcat because it can't check for buffer overflows, but:
+char *pstrcat(char *buf, int buf_size, const char *s)
+
+The same limitation exists with sprintf and vsprintf, so use snprintf and
+vsnprintf.
+
+QEMU provides other useful string functions:
+int strstart(const char *str, const char *val, const char **ptr)
+int stristart(const char *str, const char *val, const char **ptr)
+int qemu_strnlen(const char *s, int max_len)
+
+There are also replacement character processing macros for isxyz and toxyz,
+so instead of e.g. isalnum you should use qemu_isalnum.
+
+Because of the memory management rules, you must use qemu_strdup/qemu_strndup
+instead of plain strdup/strndup.
--
1.6.2.4
^ permalink raw reply related [flat|nested] 2+ messages in thread
end of thread, other threads:[~2010-08-26 18:39 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2010-08-26 18:38 [Qemu-devel] [PATCH 4/5] HACKING: add string management rules Blue Swirl
-- strict thread matches above, loose matches on Subject: below --
2010-08-15 17:50 Blue Swirl
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).