[devel] [git update] packages/katrin: heads/master

[Slava Semushin]

2007/6/25, Denis Klimov <zver / altlinux.org>:
[...]
> -       char *iface = strdup("eth0");
> -       char *allrate = strdup("100mbit");
> +       char iface[10] = "eth0";
> +       char allrate[10] = "100mbit";

Ммм... если вы решили сделать так, то не надо тогда free() вызывать в конце.

[...]
> -       char prog[] = "/tmp/katrin-tc-tmp";
> -       char path[] = "/tmp";
> +       char prog[25] = "";
> +       strlcpy(prog, "/tmp/katrin-tc.XXXXXX", sizeof prog);
> +       mktemp(prog);
>         FILE *fh = fopen(prog,"w");
> +

:-)

BUGS
       Never use mktemp().  Some implementations  follow  4.3BSD  and  replace
       XXXXXX  by  the current process ID and a single letter, so that at most
       26 different names can be returned.  Since on the one  hand  the  names
       are  easy to guess, and on the other hand there is a race between test-
       ing whether the name exists and opening the file, every use of mktemp()
       is a security risk.  The race is avoided by mkstemp(3).

P.S. Я, наверное, всем уже надоел :))


-- 
+ Slava Semushin | slava.semushin @ gmail.com
+ ALT Linux Team | php-coder @ altlinux.ru