1b11b64b81
The strcat() function has all of the same overflow problems
as strcpy(). And as a bonus, it's easy to end up
accidentally quadratic, as each subsequent call has to walk
through the existing string.
The last strcat() call went away in f063d38b80
(daemon: use
cld->env_array when re-spawning, 2015-09-24). In general,
strcat() can be replaced either with a dynamic string
(strbuf or xstrfmt), or with xsnprintf if you know the
length is bounded.
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
19 lines
447 B
C
19 lines
447 B
C
#ifndef BANNED_H
|
|
#define BANNED_H
|
|
|
|
/*
|
|
* This header lists functions that have been banned from our code base,
|
|
* because they're too easy to misuse (and even if used correctly,
|
|
* complicate audits). Including this header turns them into compile-time
|
|
* errors.
|
|
*/
|
|
|
|
#define BANNED(func) sorry_##func##_is_a_banned_function
|
|
|
|
#undef strcpy
|
|
#define strcpy(x,y) BANNED(strcpy)
|
|
#undef strcat
|
|
#define strcat(x,y) BANNED(strcat)
|
|
|
|
#endif /* BANNED_H */
|