freebsd-dev/usr.bin/whereis
Stefan Eßer f5ce14028c Silence Clang Scan warnings regarding the use of strcp().
While these warnings are false positives, the use of strdup() instead of
malloc() and strcpy() simplifies and clarifies the code.

While checking the remaining uses of strcpy and strcat I noticed an
assignment of a strlen() to a variable "s", whose value needs to be
preserved for use in later output routines (where it is used to allocate
a buffer). I do not think that the value of "s" will come out lower than
its correct value and thus there is no risk of a buffer overflow, in the
general case, but a specially crafter argument might lead to an overflow.

The bogus assignment to "s" is removed since this value was only used a
single time in the following malloc() call, which has been removed.

MFC after:	2 weeks
2019-01-24 18:39:45 +00:00
..
Makefile
Makefile.depend
pathnames.h
whereis.1
whereis.c Silence Clang Scan warnings regarding the use of strcp(). 2019-01-24 18:39:45 +00:00