[Bf-committers] Memory trash in BLI_split_dirfile [sorry-forgot to subscribe first]
bf-committers@blender.org
bf-committers@blender.org
Tue, 17 Aug 2004 23:34:59 EDT
-------------------------------1092800099
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
Hello All -
I have been be-deviled by a crash, and I finally traced it down to a memory
trash in BLI_split_dirfile in the line marked by >>>:
if (strlen(string)) {
if (string[0] == '/' || string[0] == '\\') {
strcpy(dir, string);
} else if (string[1] == ':' && string[2] == '\\') {
strcpy(dir, string);
} else {
BLI_getwdN(dir);
strcat(dir,"/");
strcat(dir,string);
>>> strcpy(string,dir);
}
This in inside an #ifdef WIN32, but there is the same code on the other side
of the #else. I know that strcat and strcpy are dangerous for reasons like
this. I did a grep and found 552 lines containing "strcpy" and am not
immediately going to fix all of them :)
Shall I go ahead and fix this place? I'd also like to reduce the duplicated
code in the #ifdef and the #else, but am not able to test on non-Windows
systems yet.
Thanks,
Chris Keith
-------------------------------1092800099
Content-Type: text/html; charset="US-ASCII"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; charset=3DUS-ASCII">
<META content=3D"MSHTML 6.00.2800.1458" name=3DGENERATOR></HEAD>
<BODY id=3Drole_body style=3D"FONT-SIZE: 10pt; COLOR: #000000; FONT-FAMILY:=20=
Arial"=20
bottomMargin=3D7 leftMargin=3D7 topMargin=3D7 rightMargin=3D7><FONT id=3Drol=
e_document=20
face=3DArial color=3D#000000 size=3D2>
<DIV> =20
<DIV>Hello All -</DIV>
<DIV> </DIV>
<DIV>I have been be-deviled by a crash, and I finally traced it down to a me=
mory=20
trash in BLI_split_dirfile in the line marked by >>>:</DIV>
<DIV> </DIV>
<DIV> if (strlen(string)) {<BR> if (string[0] =3D=3D '/' ||=20
string[0] =3D=3D '\\') { <BR> strcpy(dir, string);<BR> =
; }=20
else if (string[1] =3D=3D ':' && string[2] =3D=3D '\\')=20
{<BR> strcpy(dir, string);<BR> } else=20
{<BR> =20
BLI_getwdN(dir);<BR> &n=
bsp; =20
strcat(dir,"/");<BR> &n=
bsp; =20
strcat(dir,string);<BR>>>>  =
; =20
strcpy(string,dir);<BR> }</DIV>
<DIV> </DIV>
<DIV>This in inside an #ifdef WIN32, but there is the same code on the other=
=20
side of the #else. I know that strcat and strcpy are dangerous for rea=
sons=20
like this. I did a grep and found 552 lines containing "strcpy" and am=20=
not=20
immediately going to fix all of them :)</DIV>
<DIV> </DIV>
<DIV>Shall I go ahead and fix this place? I'd also like to reduce the duplic=
ated=20
code in the #ifdef and the #else, but am not able to test on non-Windows sys=
tems=20
yet.</DIV>
<DIV> </DIV>
<DIV>Thanks,</DIV>
<DIV>Chris Keith<BR></DIV></DIV></FONT></BODY></HTML>
-------------------------------1092800099--