Re: TFTP Option Negotiation
Date: Tue, 6 Jan 2009 13:45:31 -0800
On Tue, Jan 06, 2009 at 01:13:28PM -0800, Chad Monroe wrote:
> You recommend possibly using strnlen() above, but as far as I know this
> function isn't very portable (though I could be wrong). I also don't see
> it used anywhere else in the libcurl code base. I would use strlen, but
> would be concerned about a crash when a server returns an option
> acknowledgment which has a field that is not properly NULL terminated.
> This should really never happen in the real world, but you never know what
> types of servers you'll run into and it would be nice to protect against
> this. What would you recommend using in place of my for() loop or
> strnlen()? Or is strnlen() actually OK to use within libcurl? Thanks!
You're right, strnlen isn't completely portable and you definitely want to
protect yourself against malicious input. I think it's worthwhile
factoring this routine out into a separate function to improve readability
and decrease cyclomatic complexity. The most robust solution would be to
create a strnlen.c file with a replacement strnlen function and use the
autoconf AC_REPLACE_FUNCS macro to compile it in only when it's missing.
But for now you could just create a static curl_strnlen function earlier
in the file since it's only used here for now. That name makes it clear
what it is and how it's used and won't conflict with a real strnlen.
-- http://www.MoveAnnouncer.com The web change of address service Let webmasters know that your web site has movedReceived on 2009-01-06