View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0009291 | GNUnet | util library | public | 2024-10-22 16:14 | 2024-10-23 21:19 |
Reporter | fefe | Assigned To | |||
Priority | normal | Severity | minor | Reproducibility | have not tried |
Status | new | Resolution | open | ||
Target Version | 0.22.2 | ||||
Summary | 0009291: GNUNET_CONFIGURATION_serialize: confused code | ||||
Description | 1190 len = GNUNET_asprintf (&cbuf, 1191 "[%s]\n", 1192 sec->name); 1193 GNUNET_assert (0 < len); 1194 GNUNET_memcpy (mem + c_size, 1195 cbuf, 1196 len); 1197 c_size += len; 1198 GNUNET_free (cbuf); Just call GNUNET_vsnprintf and skip the memory allocation and deallocation. You even gain a buffer overflow check that way. Same advice applies further down in the same function: 1216 len = GNUNET_asprintf (&cbuf, "%s = %s\n", ent->key, val); 1217 GNUNET_free (val); 1218 GNUNET_memcpy (mem + c_size, cbuf, len); 1219 c_size += len; 1220 GNUNET_free (cbuf); I would, in fact, recommend refactoring the whole function. It does things in a very inefficient way (using memmove repeatedly to escape \n to \\n). | ||||
Tags | No tags attached. | ||||