[MPlayer-dev-eng] [PATCH 2/4] String handling audit/cleanup

[Nico Sabbi]

Nicholas Kain wrote:

> Yeah, those are identical, and there will be quite a few others that
> will compile to equivalent code;  I've converted away from sprintf in
> those instances because it aids in searching the codebase for code
> that has not yet been checked.  For the same reason, I've annotated
> certain uses of strncpy() and strcpy() as being necessary and safe.
> All of this is to aid in maintenance and future audits.  Without
> changes like these, it is extremely time consuming to check for
> correctness.


committed your patch to stream_dvb and part of the ones to 
stream_dvd.c, except that
1) len= strlen(dvd_device) was 1 byte too short
2)
@@ -868,7 +869,7 @@ static int open_s(stream_t *stream,int m
          int i;
          char buf[33];
          for (i = 0; i < 16; i ++)
-          sprintf(buf+2*i, "%02X", discid[i]);
+          snprintf(buf+2*i, sizeof buf - ((buf+2*i)-buf), "%02X", 
discid[i]);
          mp_msg(MSGT_IDENTIFY, MSGL_V, "ID_DVD_DISC_ID=%s\n", buf);
        }
      }

looks too horrendous to read (not that stream_dvd.c looks nice 
overall, very old-team style)

-- 
"Without a frontend, mplayer is useless" - someone in mplayer-users