[PATCH] weston-launch: Fixed TTY switching
Daniel Stone
daniel at fooishbar.org
Thu Apr 9 05:10:07 PDT 2015
Hi,
On 8 April 2015 at 23:24, Bill Spitzak <spitzak at gmail.com> wrote:
> On 04/08/2015 02:35 PM, Daniel Stone wrote:
>> The best solution is to use strlcpy.
>>
>> If politics make that impossible, use snprintf(dest, len, "%s", src)
>> which is exactly the same as strlcpy, including the return value!
>> (imagine that...)
>>
>>
>> It's not the politics, it's that silently truncating a filename you're
>> hoping to use will at best pick a non-existent file, and at worst pick a
>> totally different/unrelated file.
>
> Except strncpy and snprintf also "silently truncate the filename" so it is
> politics because those functions exist.
You can make an argument that strlcpy doesn't exist in glibc because
of politics, sure. But the reason why it's totally inappropriate here
is nothing to do with politics.
> And strlcpy and snprintf are not really "silent": you can check if the
> return value is greater than the buffer size and know if truncation
> happened.
And, in this case, error out because returning an error is objectively
better than claiming success and returning an incorrect filename. In
which case, why are you advocating strlcpy, when you are actively
avoiding its sole raison d'etre?
Either way, Mateusz - can you please fix the patch so that it will not
write a path which (with terminating NUL) exceeds PATH_MAX, and
instead returns an error? Thanks.
Cheers,
Daniel
More information about the wayland-devel
mailing list