summaryrefslogtreecommitdiff
path: root/source3/include/safe_string.h
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2003-03-18 11:22:52 +0000
committerAndrew Bartlett <abartlet@samba.org>2003-03-18 11:22:52 +0000
commitd5ee9b2f480ddbda0b8f69409698d27c99384f9c (patch)
tree2664e91ce8bbfedeaf34292fca1d5dcfb8039176 /source3/include/safe_string.h
parent5452ecebc7d89fac6e1047b92b77be47fe85914c (diff)
downloadsamba-d5ee9b2f480ddbda0b8f69409698d27c99384f9c.tar.gz
samba-d5ee9b2f480ddbda0b8f69409698d27c99384f9c.tar.bz2
samba-d5ee9b2f480ddbda0b8f69409698d27c99384f9c.zip
Jeremy merged across my string parinoia fixes, but forgot to enable them! :-)
This patch catches up on the rest of the work - as much string checking as is possible is done at compile time, and the rest at runtime. Lots of code converted to pstrcpy() etc, and other code reworked to correctly call sizeof(). Andrew Bartlett (This used to be commit c5b604e2ee67d74241ae2fa07ae904647d35a2be)
Diffstat (limited to 'source3/include/safe_string.h')
-rw-r--r--source3/include/safe_string.h19
1 files changed, 11 insertions, 8 deletions
diff --git a/source3/include/safe_string.h b/source3/include/safe_string.h
index ad7b4139a3..61ef4bdf96 100644
--- a/source3/include/safe_string.h
+++ b/source3/include/safe_string.h
@@ -129,11 +129,17 @@ size_t __unsafe_string_function_usage_here_char__(void);
safe_strcpy(dest, src, sizeof(pstring)-PTR_DIFF(dest,pstring_base)-1)
-/* inside the _fn varients of these is a call to 'clobber_region' - which might
- destory the stack on a buggy function. Help the debugging process by putting
- the function and line it was last called from into a static buffer
-
- But only for developers */
+/* Inside the _fn variants of these is a call to clobber_region(), -
+ * which might destroy the stack on a buggy function. We help the
+ * debugging process by putting the function and line who last caused
+ * a clobbering into a static buffer. If the program crashes at
+ * address 0xf1f1f1f1 then this function is probably, but not
+ * necessarily, to blame. */
+
+/* overmalloc_safe_strcpy: DEPRECATED! Used when you know the
+ * destination buffer is longer than maxlength, but you don't know how
+ * long. This is not a good situation, because we can't do the normal
+ * sanity checks. Don't use in new code! */
#ifdef DEVELOPER
#define overmalloc_safe_strcpy(dest,src,maxlength) safe_strcpy_fn(__FUNCTION__,__LINE__,dest,src,maxlength)
@@ -214,7 +220,4 @@ size_t __unsafe_string_function_usage_here_char__(void);
#define strlower(s) strlower_m(s)
#define strupper(s) strupper_m(s)
-#define safe_strcpy_base(dest, src, base, size) \
- safe_strcpy(dest, src, size-PTR_DIFF(dest,base)-1)
-
#endif