[OT] Re: Why Is Escaping Data Considered So Magical?
Kushal Kumaran
kushal.kumaran+python at gmail.com
Mon Jun 28 00:47:56 EDT 2010
On Sun, Jun 27, 2010 at 5:16 PM, Lawrence D'Oliveiro
<ldo at geek-central.gen.new_zealand> wrote:
> In message <mailman.2184.1277626565.32709.python-list at python.org>, Kushal
> Kumaran wrote:
>
>> On Sun, Jun 27, 2010 at 9:47 AM, Lawrence D'Oliveiro
>> <ldo at geek-central.gen.new_zealand> wrote:
>>
>>> In message <roy-854954.20435125062010 at news.panix.com>, Roy Smith wrote:
>>>
>>>> I recently fixed a bug in some production code. The programmer was
>>>> careful to use snprintf() to avoid buffer overflows. The only problem
>>>> is, he wrote something along the lines of:
>>>>
>>>> snprintf(buf, strlen(foo), foo);
>>>
>>> A long while ago I came up with this macro:
>>>
>>> #define Descr(v) &v, sizeof v
>>>
>>> making the correct version of the above become
>>>
>>> snprintf(Descr(buf), foo);
>>
>> Not quite right. If buf is a char array, as suggested by the use of
>> sizeof, then you're not passing a char* to snprintf.
>
> What am I passing, then?
Here's what gcc tells me (I declared buf as char buf[512]):
sprintf.c:8: warning: passing argument 1 of ‘snprintf’ from
incompatible pointer type
/usr/include/stdio.h:363: note: expected ‘char * __restrict__’ but
argument is of type ‘char (*)[512]’
You just need to lose the & from the macro.
--
regards,
kushal
More information about the Python-list
mailing list