[prev] [thread] [next] [lurker] [Date index for 2004/11/03]
On Tue, Nov 02, 2004 at 06:45:04PM -0600, sabrina downard wrote:
> pulled out of a program i'm trying to figure out why it's misbehaving:
>
> /* How to print/log error messages */
> #define DANGER_WILL_ROBINSON(KateBush) \
> { if (Debug) \
> perror (KateBush); \
> if (Log) { \
> char *xyzzy = malloc(strlen(KateBush)+4); \
> (void) strcpy(xyzzy, KateBush); (void) strcat(xyzzy, ": %m"); \
> syslog (LOG_ERR, xyzzy); free(xyzzy); } \
Gosh. That's both buggy and dangerous code. Firstly it should be strlen() + 5
(as it's appending 4 characters, but forgot about the NUL). Fix that and it's
still evil, as if anyone unwittingly logs a string with "%s" or "%p" (or
variants) the program is likely to segfault.
syslog (LOG_ERR, "%s: %m", KateBush);
in place of that malloc/strcpy/strcat/free mess is much safer, given that
the author can't be wanting to take advantage of syslog()'s printf-like
formatting as made clear by the call to perror().
Been there, diagnosed a previous piece of hateful software of being guilty
of this. Don't try to log URL-encoded e-mail addresses like this.
( user@xxxxxxxxx.xxx => user%40somewhere.com => SEGV )
Does the rest of this hateful software contain as many errors-per-line as
this excerpt?
Nicholas Clark
Generated at 10:01 on 05 Nov 2004 by mariachi 0.52