sahlberg@xxxxxxxxxxxx wrote:
User: sahlberg
Date: 2005/09/01 02:05 PM
Log:
convert to g_snprintf()
also make range_convert_range() return an emem allocated string
Directory: /trunk/plugins/asn1/
Changes Path Action
+0 -3 packet-asn1.c Modified
Directory: /trunk/epan/
Changes Path Action
+0 -1 prefs.c Modified
+8 -12 range.c Modified
Directory: /trunk/gtk/
Changes Path Action
+0 -1 prefs_dlg.c Modified
Hi Ronnie!
Although I like your effort to make Ethereal safer and with much less
memory leaks, I have some serious doubts about the following line:
g_snprintf(str, 128-(str-string), "%s%u", prepend_comma?",":"",
The expression "128-(str-string)" is exactly which should be avoided!!!
This way of coding is *very* error intensive, at least when changes are
made to the sources later.
The usage of GString might be problematic in terms of memory leakage,
but it is preferable over "hand-crafted" code to manipulate strings. And
manipulating strings is one of the main reasons for security problems.
Maybe copying the GString code from GLib and replace the g_malloc calls
by ep_malloc (well and change the prefix g_string_ to something like
ep_string_ or course)?
Regards, ULFL