Merge lp:~mc-return/compiz/compiz.merge-fix957582-use-snprintf-instead-of-sprintf into lp:compiz/0.9.9
Proposed by MC Return

| Status: | Merged |
|---|---|
| Approved by: | Stephen M. Webb |
| Approved revision: | 3571 |
| Merged at revision: | 3585 |
| Proposed branch: | lp:~mc-return/compiz/compiz.merge-fix957582-use-snprintf-instead-of-sprintf |
| Merge into: | lp:compiz/0.9.9 |
| Diff against target: | 12 lines (+1/-1), 1 file modified: libdecoration/decoration.c (+1/-1) |
| To merge this branch: | bzr merge lp:~mc-return/compiz/compiz.merge-fix957582-use-snprintf-instead-of-sprintf |
| Related bugs: | |

| Reviewer | Review Type | Date Requested | Status |
|---|---|---|---|
| Stephen M. Webb | Approve | | |
| Sam Spilsbury | Approve | | |
| PS Jenkins bot | continuous-integration | Pending | |

Review via email: mp+145059@code.launchpad.net
Commit message
Followed a recommendation of Coverity and replaced sprintf () with snprintf () with a buffer size of 128, as the definition says char buf[128].
(LP: #957582)
Description of the change
I guess this sprintf would never overflow, but it does not hurt to silence Coverity and simply replace it either.
Sam, Daniel - you have to decide if you want those Coverity SECURE_CODING recommendations to be followed, then I'll fix the rest of them also, otherwise we should mark those bug reports as invalid or won't fix.
This makes sense as is, although I would recommend using std::string and stringstream where possible in future if individual line performance is not a huge concern (e.g., we are not in an inner loop).
I would also recommend fixing all of the SECURE_CODING stuff in one review where it makes sense to; having a proliferation of reviews for each individual bug is going to be a huge overhead.
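The sprintf-to-snprintf replacement described in the commit message, as an added example that is not part of this merge proposal or of the Compiz source. The helper `format_name`, its format string and the sample inputs are hypothetical; only the 128-byte buffer size comes from the page. It passes `sizeof buf` rather than a literal 128 and checks the return value, since snprintf silently truncates otherwise.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 128 /* the char buf[128] size quoted in the commit message */

/* Hypothetical helper: writes "<prefix>_<number>" into out.
 * Returns 0 on success, -1 if the result did not fit (output is
 * truncated but still NUL-terminated) or snprintf reported an error. */
static int
format_name (char *out, size_t out_size, const char *prefix, int number)
{
    int n;

    if (out == NULL || out_size == 0 || prefix == NULL)
        return -1;

    /* snprintf writes at most out_size bytes including the NUL and
     * returns the length the full string would have needed. */
    n = snprintf (out, out_size, "%s_%d", prefix, number);

    if (n < 0 || (size_t) n >= out_size)
        return -1; /* encoding error or truncation */

    return 0;
}

int
main (void)
{
    char buf[BUF_SIZE];
    char long_prefix[256]; /* constructed input longer than the buffer */

    memset (long_prefix, 'A', sizeof long_prefix - 1);
    long_prefix[sizeof long_prefix - 1] = '\0';

    /* sizeof buf keeps the bound tied to the declaration if it changes. */
    if (format_name (buf, sizeof buf, "example", 7) == 0)
        printf ("fits: %s\n", buf);

    /* With sprintf this call would write past the end of buf. */
    if (format_name (buf, sizeof buf, long_prefix, 7) != 0)
        printf ("truncated at %zu characters\n", strlen (buf));

    return 0;
}
```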