changeset 143:b026e6d2a161
Make flawfinder (a bit more) happy.
author | Sascha Wilde <wilde@intevation.de> |
---|---|
date | Mon, 24 Mar 2014 16:09:47 +0100 |
parents | 5fa4791d6d0e |
children | dc9970d7b9bf |
files | common/strhelp.c |
diffstat | 1 files changed, 16 insertions(+), 4 deletions(-) [+] |
--- a/common/strhelp.c Mon Mar 24 15:36:12 2014 +0100
+++ b/common/strhelp.c Mon Mar 24 16:09:47 2014 +0100
@@ -5,6 +5,17 @@
 #include <string.h>
 #include <assert.h>
+/* Remarks regarding the "Flawfinder: ignore" comments in this file:
+ *
+ * - strlen:
+ *
+ * It's true that strlen might crash if input is not null
+ * terminated. But by design there is not safe way to get the
+ * length of an string in C, and defining an additional length
+ * parameter for string parameter will only transfere the problem to
+ * the caller.
+ */
+
 static void
 out_of_core(void)
 {
@@ -107,8 +118,8 @@
 bool
 str_equal (char *s1, char *s2)
 {
- size_t l1 = strlen(s1);
- size_t l2 = strlen(s2);
+ size_t l1 = strlen(s1); /* Flawfinder: ignore */
+ size_t l2 = strlen(s2); /* Flawfinder: ignore */
 if ((l1 == l2) && (strcmp(s1, s2) == 0))
 return true;
@@ -119,7 +130,8 @@
 bool
 str_starts_with (char *s1, char *s2)
 {
- if (strncmp(s1, s2, strlen(s2)) == 0)
+ size_t l2 = strlen(s2); /* Flawfinder: ignore */
+ if (strncmp(s1, s2, l2) == 0)
 return true;
 else
 return false;
@@ -133,7 +145,7 @@
 {
 while (isspace(**s))
 (*s)++;
- i = strlen(*s);
+ i = strlen(*s); /* Flawfinder: ignore */
 while (isspace((*s)[--i]))
 (*s)[i] = '\0';
 }
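Review bot: The file-level remark added in the first hunk justifies every strlen suppression at once but never states the precondition those suppressions depend on, so a later reader cannot tell what a caller must guarantee. I would add a line such as `* Every string argument in this file must be non-NULL and NUL-terminated; callers are responsible for that.` to the comment, and repeat it in the doc comment of each function that carries the annotation. The wording also needs a pass: "there is not safe way" should read "there is no safe way", "an string" should be "a string", and "transfere" should be "transfer".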
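Review bot: In str_equal the two strlen calls that now carry `/* Flawfinder: ignore */` are redundant, because strcmp already reports a difference for strings of unequal length; the length pre-check only adds two extra passes over the input. Replacing the comparison with `return strcmp(s1, s2) == 0;` removes the flagged calls instead of suppressing the finding, which keeps the suppression list short and meaningful. The rest of the function body lies outside the hunk, so confirm that l1 and l2 are not used further down before dropping them.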
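Review bot: The `/* Flawfinder: ignore */` on `i = strlen(*s);` silences the tool on the harmless line of this hunk, while the loop directly after it can index before the start of the string. When the string is empty or consists only of whitespace, the leading-space loop leaves `*s` at the terminator, strlen returns 0, and `(*s)[--i]` then reads (and may write `'\0'`) outside the buffer. A bounded form would be `while (i > 0 && isspace((unsigned char)(*s)[i - 1])) (*s)[--i] = '\0';`; the cast also avoids passing a negative char value to isspace, and the same cast belongs on `isspace(**s)` above. The declaration of `i` and the start of the function are outside the hunk, so whether an earlier guard on `*s` exists cannot be confirmed from here.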