diff options
author | Simon Tatham <anakin@pobox.com> | 2019-10-14 21:42:37 +0300 |
---|---|---|
committer | Simon Tatham <anakin@pobox.com> | 2019-10-14 21:42:37 +0300 |
commit | 1547c9c1ec44077e4b9d1506e880820cbed8e319 (patch) | |
tree | 89fcdec799374252994a5b773da3a8b9145668b6 /pscp.c | |
parent | 283bd541a61555cd3ab18e3c686894dcc6576b1b (diff) |
Make dupcat() into a variadic macro.
Up until now, it's been a variadic _function_, whose argument list
consists of 'const char *' ASCIZ strings to concatenate, terminated by
one containing a null pointer. Now, that function is dupcat_fn(), and
it's wrapped by a C99 variadic _macro_ called dupcat(), which
automatically suffixes the null-pointer terminating argument.
This has three benefits. Firstly, it's just less effort at every call
site. Secondly, it protects against the risk of accidentally leaving
off the NULL, causing arbitrary words of stack memory to be
dereferenced as char pointers. And thirdly, it protects against the
more subtle risk of writing a bare 'NULL' as the terminating argument,
instead of casting it explicitly to a pointer. That last one is
necessary because C permits the macro NULL to expand to an integer
constant such as 0, so NULL by itself may not have pointer type, and
worse, it may not be marshalled in a variadic argument list in the
same way as a pointer. (For example, on a 64-bit machine it might only
occupy 32 bits. And yet, on another 64-bit platform, it might work
just fine, so that you don't notice the mistake!)
I was inspired to do this by happening to notice one of those bare
NULL terminators, and thinking I'd better check if there were any
more. Turned out there were quite a few. Now there are none.
Diffstat (limited to 'pscp.c')
-rw-r--r-- | pscp.c | 15 |
1 files changed, 7 insertions, 8 deletions
@@ -120,7 +120,7 @@ static void tell_user(FILE *stream, const char *fmt, ...) va_start(ap, fmt); str = dupvprintf(fmt, ap); va_end(ap); - str2 = dupcat(str, "\n", NULL); + str2 = dupcat(str, "\n"); sfree(str); abandon_stats(); tell_str(stream, str2); @@ -231,7 +231,7 @@ static NORETURN void bump(const char *fmt, ...) va_start(ap, fmt); str = dupvprintf(fmt, ap); va_end(ap); - str2 = dupcat(str, "\n", NULL); + str2 = dupcat(str, "\n"); sfree(str); abandon_stats(); tell_str(stderr, str2); @@ -762,7 +762,7 @@ int scp_send_filename(const char *name, uint64_t size, int permissions) struct fxp_attrs attrs; if (scp_sftp_targetisdir) { - fullname = dupcat(scp_sftp_remotepath, "/", name, NULL); + fullname = dupcat(scp_sftp_remotepath, "/", name); } else { fullname = dupstr(scp_sftp_remotepath); } @@ -917,7 +917,7 @@ int scp_send_dirname(const char *name, int modes) bool ret; if (scp_sftp_targetisdir) { - fullname = dupcat(scp_sftp_remotepath, "/", name, NULL); + fullname = dupcat(scp_sftp_remotepath, "/", name); } else { fullname = dupstr(scp_sftp_remotepath); } @@ -1128,8 +1128,7 @@ int scp_get_sink_action(struct scp_sink_action *act) if (head->namepos < head->namelen) { head->matched_something = true; fname = dupcat(head->dirpath, "/", - head->names[head->namepos++].filename, - NULL); + head->names[head->namepos++].filename); must_free_fname = true; } else { /* @@ -1549,7 +1548,7 @@ static void run_err(const char *fmt, ...) va_start(ap, fmt); errs++; str = dupvprintf(fmt, ap); - str2 = dupcat("pscp: ", str, "\n", NULL); + str2 = dupcat("pscp: ", str, "\n"); sfree(str); scp_send_errmsg(str2); abandon_stats(); @@ -1697,7 +1696,7 @@ static void rsource(const char *src) if (dir != NULL) { char *filename; while ((filename = read_filename(dir)) != NULL) { - char *foundfile = dupcat(src, "/", filename, NULL); + char *foundfile = dupcat(src, "/", filename); source(foundfile); sfree(foundfile); sfree(filename); |