| commit | 1b11b64b815db62f93a04242e4aed5687a448748 | |
| author | Jeff King <peff@peff.net> | |
| Tue, 24 Jul 2018 09:26:39 +0000 (24 05:26 -0400) | ||
| committer | Junio C Hamano <gitster@pobox.com> | |
| Thu, 26 Jul 2018 17:12:50 +0000 (26 10:12 -0700) | ||
| tree | d2586029cf8eca4bbef35af2331b36e19d2ff48a | treesnapshot (tar.gz zip) |
| parent | c8af66ab8ad7cd78557f0f9f5ef6a52fd46ee6dd | commitdiff |
banned.h: mark strcat() as banned
The strcat() function has all of the same overflow problems
as strcpy(). And as a bonus, it's easy to end up
accidentally quadratic, as each subsequent call has to walk
through the existing string.
The last strcat() call went away in f063d38b80 (daemon: use
cld->env_array when re-spawning, 2015-09-24). In general,
strcat() can be replaced either with a dynamic string
(strbuf or xstrfmt), or with xsnprintf if you know the
length is bounded.
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
The strcat() function has all of the same overflow problems
as strcpy(). And as a bonus, it's easy to end up
accidentally quadratic, as each subsequent call has to walk
through the existing string.
The last strcat() call went away in f063d38b80 (daemon: use
cld->env_array when re-spawning, 2015-09-24). In general,
strcat() can be replaced either with a dynamic string
(strbuf or xstrfmt), or with xsnprintf if you know the
length is bounded.
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
| banned.h | diffblobblamehistory |