Re: [PATCH] apply: use strcmp(3) for comparing strings in gitdiff_verify_name()
- Date: Sun, 9 Jul 2017 14:20:27 +0200
- From: René Scharfe <l.s.r@xxxxxx>
- Subject: Re: [PATCH] apply: use strcmp(3) for comparing strings in gitdiff_verify_name()
Am 09.07.2017 um 00:29 schrieb Junio C Hamano:
René Scharfe <l.s.r@xxxxxx> writes:
Am 08.07.2017 um 13:08 schrieb Ramsay Jones:
On 08/07/17 09:58, René Scharfe wrote:
Avoid running over the end of another -- a C string whose length we
don't know -- by using strcmp(3) instead of memcmp(3) for comparing it
with another C string.
I had to read this twice, along with the patch text, before this
made any sense. ;-) The missing information being that 'another'
was the name of the string variable that we were potentially
'running over the end of'.
Yeah, sorry, encasing that unusual variable name in quotes would
probably have helped.
What makes it even more confusing is that the variable with the
problematic name is referred to as "it" in the last part of the
description--- the second occurrence of 'another' is actually not
referring to that variable but yet another string that is being
compared with it ;-)
Perhaps like this instead?
We don't know the length of the C string "another". It could be
shorter than "name", which we compare it to using memchr(3). Call
strcmp(3) instead to avoid running over the end of the former, and
get rid of a strlen(3) call as a bonus.