[flac-dev] [PATCH] for win_utf8_io.c

Janne Hyvärinen cse at sci.fi
Fri Aug 8 09:38:11 PDT 2014

Some comments for patch #1, I chose the non-secure versions because they 
are faster and produce smaller binary. The functions where these 
printings are performed can't in my opinion ever exceed the safety 
margin of 32 KB. They print short help and error texts and occasionally 
filename, which with APIs is restricted to 260 characters. And you can't 
feed it longer faulty names either because maximum command line length 
is much shorter than 32 KB.

Patch #2 is good. I was apparently not thinking when writing that.

The break that patch #3 removes is there for a reason. If there is an 
error in string conversion there's no point in continuing the operation. 
All conversions are discarded if something failed so not exiting from 
the loop is wasted effort.

On 8.8.2014 18:18, lvqcl wrote:
> For better readability the patch is divided by 3 parts.
> Part #1: for a bit better security replace
>     vsprintf(utmp, format, argptr)
> with
>     vsnprintf_s(utmp, 32768, _TRUNCATE, format, argptr)
> Part #2: potential memleak fixed: utf8argv[i] are not freed
> when utf8argv itself is freed.
> Part #3: 'if (ret != 0) break;' line seems redundant.
> _______________________________________________
> flac-dev mailing list
> flac-dev at xiph.org
> http://lists.xiph.org/mailman/listinfo/flac-dev

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.xiph.org/pipermail/flac-dev/attachments/20140808/5f8724da/attachment.htm 

More information about the flac-dev mailing list