[webkit-reviews] review granted: [Bug 94522] Unsafe vsprintf usage in TestNetscapePlugin : [Attachment 159511] patch
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Aug 20 13:46:52 PDT 2012
Adam Barth <abarth at webkit.org> has granted Nate Chapin <japhet at chromium.org>'s
request for review:
Bug 94522: Unsafe vsprintf usage in TestNetscapePlugin
https://bugs.webkit.org/show_bug.cgi?id=94522
Attachment 159511: patch
https://bugs.webkit.org/attachment.cgi?id=159511&action=review
------- Additional Comments from Adam Barth <abarth at webkit.org>
View in context: https://bugs.webkit.org/attachment.cgi?id=159511&action=review
> Tools/DumpRenderTree/TestNetscapePlugIn/PluginObject.cpp:66
> char message[2048] = "PLUGIN: ";
> - vsprintf(message + strlen(message), format, args);
> + vsnprintf(message + strlen(message), 2040, format, args);
Why 2040 and not 2048 ? Also, these libc functions don't necessarily
\0-terminate strings, so it's a good practice to explicitly write a '\0' at the
end of the array after calling these functions.
More information about the webkit-reviews
mailing list