[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-devel
Subject:    Re: Window manager identity ?
From:       Jan Holesovsky <kendy () artax ! karlin ! mff ! cuni ! cz>
Date:       2002-11-15 10:40:55
[Download RAW message or body]

On Fri, 15 Nov 2002, Stephan Kulow wrote:

> Am Friday 15 November 2002 01:55 schrieb Jan Holesovsky:
> > On Fri, 15 Nov 2002, Richard Moore wrote:
> > > > Thanks - that's very helpful. But why use strncmp() and not strcmp()?
> > > > Can the name be longer than "KWin"?
> > >
> > > Someone could force you to overrun the buffer if you don't set a limit.
> >
> > strcmp != strcpy
> >
> What has one to do with the other? You can overrun the buffer with both
> strcmp and strcpy, just with strcpy you can actually over_write_ it too.
> But you won't notice the difference if you've got the segmentation fault,
> because you read out of the page.

Sorry, wrote much less than I should. I just wanted to point out, that
Richard's question is still valid and the overrun should not be an issue
_in_this_ case (but I am affaid of strcpy overruns in _any_ case, that
is my "!="). Or do I really have to write

if ( wmname && wmname[4] == 0 && !strncmp("KWin", wmname, 4))

and not just

if ( wmname && !strcmp("KWin", wmname))

to be really, _really_ safe?

Back to Richard's question. What if someone creates a new window manager
and calls it "KWinBlah"?

if ( wmname && !strncmp("KWin", wmname, 4) )

would give a false positive. Or do I miss something even here?

Kendy

 
>> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<
[prev in list] [next in list] [prev in thread] [next in thread]