[master] 12d8da9 - Solve issue #206 warning.

GitHub FLTK Project   FLTK News RSS Feed  
  FLTK Apps      FLTK Library      Forums      Links     Login 
 All Forums  |  Back to fltk.commit  ]
 
Previous Message ]Next Message ]

[master] 12d8da9 - Solve issue #206 warning. "Greg Ercolano" 12:32 Mar 23 top right image
 
commit 12d8da9cb64aa6b8574a4b595df5009eb264b2d7
Author:     Greg Ercolano <erco@seriss.com>
AuthorDate: Tue Mar 23 12:24:04 2021 -0700
Commit:     Greg Ercolano <erco@seriss.com>
CommitDate: Tue Mar 23 12:24:04 2021 -0700

    Solve issue #206 warning.

 src/Fl_Native_File_Chooser_WIN32.cxx | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git src/Fl_Native_File_Chooser_WIN32.cxx src/Fl_Native_File_Chooser_WIN32.cxx
index 860d677..717f8c0 100644
--- src/Fl_Native_File_Chooser_WIN32.cxx
+++ src/Fl_Native_File_Chooser_WIN32.cxx
@@ -524,10 +524,14 @@ int Fl_WinAPI_Native_File_Chooser_Driver::showfile() {
         char pathname[FNFC_MAX_PATH];
         for ( const WCHAR *s = dirname + dirlen + 1;
               *s; s += (wcslen(s)+1)) {
-          strncpy(pathname, wchartoutf8(dirname), FNFC_MAX_PATH);
-          strncat(pathname, "\\",                 FNFC_MAX_PATH);
-          strncat(pathname, wchartoutf8(s),       FNFC_MAX_PATH);
-          pathname[FNFC_MAX_PATH-1] = 0;
+          // ISSUE #206 -- beware strncpy() vs. strncat():
+          //      > strncpy() doesn't guarantee null termination but strncat() does.
+          //      > strncat() can write to n+1, whereas strncpy() only writes to n.
+          // fl_snprintf() can't be used here b/c wchartoutf8() returns a static str.
+          //
+          strncpy(pathname, wchartoutf8(dirname), FNFC_MAX_PATH); pathname[FNFC_MAX_PATH-1] = 0;
+          strncat(pathname, "\\",                 FNFC_MAX_PATH-1);
+          strncat(pathname, wchartoutf8(s),       FNFC_MAX_PATH-1);
           add_pathname(pathname);
         }
       }
Direct Link to Message ]
 
bottom left image   bottom right image
Previous Message ]Next Message ]
 
 

Comments are owned by the poster. All other content is copyright 1998-2021 by Bill Spitzak and others. This project is hosted by The FLTK Team. Please report site problems to 'erco@seriss.com'.