Re: [dev] Re: [st] [PATCH] Avoid buffer overflows in the case of key-mapped strings.

From: koneu <>
Date: Thu, 10 Oct 2013 22:25:26 +0200


There is a compile time boundary
check on the number of tags in dwm.
Still, considering sl software is targeted at elite users
it's not necessary IMO.


Christoph Lohmann <> wrote:
>On Thu, 10 Oct 2013 21:06:33 +0200 sin <> wrote:
>> On Thu, Oct 10, 2013 at 08:56:05PM +0200, Roberto E. Vargas Caballero
>> > > It's runtime segfault (that may be rare and hard to catch) that
>> > > worth exactly one additional check.
>> >
>> > Ok, we don't agree about this topic, so I would like listen the
>> > of other suckless developers in order to take a decision.
>> I agree with Roberto here, if a user makes a mistake in the
>> and the program segfaults it is the user's responsibility.
>> I do not think it is hard to catch, all it takes is to diff your
>> against a known working copy (the default one for example).
>There are no users in suckless. There are only developers. Users have
>use gnome. So knowing array boundaries and pointers is a must. If
>would design config.h for end users, well you are already lost with
>task. It’s impossible.
>For the special case: What’s the sense in sending a NULL string on
>shortcut? You are supposed to get a strange error you can only solve
>thinking when you do that. Roberto is right on this. Will we do
>checks on the other variables too?
>Christoph Lohmann
Received on Thu Oct 10 2013 - 22:25:26 CEST

This archive was generated by hypermail 2.3.0 : Thu Oct 10 2013 - 22:36:06 CEST