Safe coding practices (was Re: Bug in users command)
Norman Diamond
diamond at jit345.swstokyo.dec.com
Fri Jan 25 13:19:29 AEST 1991
In article <22870 at well.sf.ca.us> Jef Poskanzer <jef at well.sf.ca.us> writes:
>In the referenced message, diamond at jit345.enet@tkou02.enet.dec.com (Norman Diamond) wrote:
>}In article <22855 at well.sf.ca.us> Jef Poskanzer <jef at well.sf.ca.us> writes:
>}> #define MAXNAMES 1000
>}> static char users[MAXNAMES][UT_NAMESIZE+1];
>}> (void) strncpy( users[nusers], u.ut_name, UT_NAMESIZE );
>}> users[nusers][UT_NAMESIZE] = '\0';
>}>And yes, this will fail if more than 1000 users are logged in at
>}>the same time. Imagine how concerned I am.
>}
>}Uh, maybe equally concerned as ...
>
>Gosh, in ten years, if every trend in computer usage magically reverses
>itself, I'll get a message telling me to change the number from 1000 to
>10000.
Suppose someone starts logging NFS clients? Or the clients of some other
service? 1000 would already be a bit small for that.
>Yes, it does check for overflow.
Uh, you mean that it doesn't abort on overflow, but only gives inaccurate
answers. OK, so your example does about 1/4 of what a good example would do.
>Dan Bernstein's hack of reading utmp twice and allocating
>50 extra slots in case more users log in between the two is, when you
>come down to it, *no better*. Just more complicated. Worse, in fact,
>since he *doesn't* check for overflow.
If I had seen that posting, and if Mr. Bernstein had made some claim about
adequacy, and if I had the time, I would have criticized that too. In fact,
if I had seen the posting, and given the hypocrisy that you attributed to
him (which I deleted, sorry), then it wouldn't matter if I had the time;
I'd've flamed him ;-) . But I didn't see it, sorry.
--
Norman Diamond diamond at tkov50.enet.dec.com
If this were the company's opinion, I wouldn't be allowed to post it.
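
Added example, not part of the original post or of either poster's code: one way to settle the point argued above, by growing the name table on demand and returning an error when the list is incomplete, rather than stopping at a fixed MAXNAMES. NAMESIZE, struct rec, struct namelist and collect_names are hypothetical names, and the records built in main are constructed input.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define NAMESIZE 8   /* assumption: stands in for UT_NAMESIZE */
/* Hypothetical record type: name is fixed-width and may lack a NUL. */
struct rec { char name[NAMESIZE]; };
struct namelist {
    char (*names)[NAMESIZE + 1];   /* table of NUL-terminated copies */
    size_t count, cap;
};

/* Copy every non-empty name, growing the table on demand. Returns 0, or
   -1 when the list is incomplete so the caller can report it. */
static int collect_names(const struct rec *recs, size_t n, struct namelist *out)
{
    out->names = NULL;
    out->count = out->cap = 0;
    for (size_t i = 0; i < n; i++) {
        if (recs[i].name[0] == '\0')
            continue;                       /* unused slot */
        if (out->count == out->cap) {
            size_t ncap = out->cap ? out->cap * 2 : 16;
            /* Refuse growth whose byte size would wrap size_t. */
            if (ncap < out->cap || ncap > SIZE_MAX / sizeof *out->names)
                return -1;
            void *p = realloc(out->names, ncap * sizeof *out->names);
            if (p == NULL)
                return -1;                  /* old table is still valid */
            out->names = p;
            out->cap = ncap;
        }
        memcpy(out->names[out->count], recs[i].name, NAMESIZE);
        out->names[out->count][NAMESIZE] = '\0';   /* always terminated */
        out->count++;
    }
    return 0;
}

int main(void)
{
    static struct rec recs[2000];   /* constructed input: 2000 sessions */
    struct namelist l;
    for (size_t i = 0; i < 2000; i++)
        memcpy(recs[i].name, "user0001", NAMESIZE);
    int rc = collect_names(recs, 2000, &l);
    free(l.names);
    return rc == 0 ? 0 : 1;
}
```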