Backup tool?

[John]

Colin Watson wrote:
> On Tue, Oct 19, 2004 at 09:13:08PM +0800, John wrote:
> 
>>I'm not going to spend much time on this. here are som common C 
>>functions I believe inherently unsafe because they rely on strings not 
>>being too long, and which are used in mondo:
>>strcat()
>>strstr()
>>sprintf()
>>strcpy()
>>strchr()
> 
> 
> Not to argue with the rest of your mail, but in what way are strstr()
> and strchr() inherently unsafe? They aren't. If what you thought was a
> string was already not null-terminated, you've already lost before
> calling strstr() or strchr().

Maybe you're right, as I stressed I'm not expert in C programming. I'm 
not sure that reading off the end of a string is inherently hazardous, 
but a premature termination without a user-comprehensible message isn't 
helpful.

Is carelessly relying on the returned pointer safe? If I search what I 
think is a pointer to a string "john.is.wacko" but that actually points 
to some code (do code and data share the same address space?) and write 
to the target, what then?

What if the area the pointer points to has been freed? Freed and 
allocated to something else? Validating the length might help limit the 
damage.

I don't think those scenarios occur in Mondo, but I'm not convinced that 
they're completely safe.

If I'm right regarding any of the others problems I saw, then it's not a 
program I could recommend anyone use for anything important, except if 
they're really desperate, under close supervision. Even then, I'm sceptical.