On 01/11/15 23:09, Pierre Neidhardt wrote:
On 15-11-01 07:09:30, Dave Reisner wrote:
On Sun, Nov 01, 2015 at 01:32:59AM +0100, Rikard Falkeborn wrote:
Correct title_suffix_len to be the actual number of elements in the string (including the NUL-terminator) instead of the size of a pointer.
Note that wmemcpy blindly copies the number of wide characters it is told to copy (no check for NUL-terminating character), so this previously copied data outside of title_suffix.
Signed-off-by: Rikard Falkeborn <rikard.falkeborn@gmail.com> ---
Just a thought -- instead of dealing with calculating fixed sized buffers, why don't we just calculate the max width needed, and then use printf to do the actual formatting? It prevents two whole classes of problems: buffer overflows and potential string truncation.
The patch is somewhat insidious as it requires modifying list_display, string_display, etc., but I've already got a mostly working POC already.
I like it. More insidious, but I think the pros overweight the cons. Besides it would make alignment straighforward to add to other places if need be in the future.
Just in case, you'll need to use wprintf on every print where alignment is needed.
Can I get a patch with just the fix to this issue (i.e. what Pierre sent in an earlier email)? Any change to using (w)printf can occur on top of that. Thanks, Allan