34cbea73c9
While these warnings are false positives, the use of strdup() instead of malloc() and strcpy() simplifies and clarifies the code. While checking the remaining uses of strcpy and strcat I noticed an assignment of a strlen() to a variable "s", whose value needs to be preserved for use in later output routines (where it is used to allocate a buffer). I do not think that the value of "s" will come out lower than its correct value and thus there is no risk of a buffer overflow, in the general case, but a specially crafter argument might lead to an overflow. The bogus assignment to "s" is removed since this value was only used a single time in the following malloc() call, which has been removed. MFC after: 2 weeks |
||
---|---|---|
.. | ||
Makefile | ||
Makefile.depend | ||
pathnames.h | ||
whereis.1 | ||
whereis.c |