| View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||||||||
| ID | Project | Category | View Status | Date Submitted | Last Update | ||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 0002834 | Spring engine | General | public | 2011-12-14 11:11 | 2011-12-14 11:13 | ||||||||
| Reporter | abma | ||||||||||||
| Assigned To | |||||||||||||
| Priority | normal | Severity | minor | Reproducibility | always | ||||||||
| Status | new | Resolution | open | ||||||||||
| Product Version | |||||||||||||
| Target Version | Fixed in Version | ||||||||||||
| Summary | 0002834: usage of non-thread safe functions | ||||||||||||
| Description | spring uses some non-thread safe functions: https://www.securecoding.cert.org/confluence/display/seccode/CON33-C.+Avoid+race+conditions+when+using+library+functions these functions seems to be not safe: rand() getenv() strtok() strerror() asctime() ctime() don't know if there are more... | ||||||||||||
| Additional Information | imo these functions should be completely avoided... even if they are used in non-threaded code, as this could change in the future. grep -R strerror . ./rts/lib/lua/src/lauxlib.cpp: const char *serr = strerror(errno); ./rts/lib/lua/src/loslib.cpp: lua_pushfstring(L, "%s: %s", filename, strerror(en)); ./rts/lib/lua/src/liolib.cpp: lua_pushfstring(L, "%s: %s", filename, strerror(en)); ./rts/lib/lua/src/liolib.cpp: lua_pushfstring(L, "%s", strerror(en)); ./rts/lib/lua/src/liolib.cpp: lua_pushfstring(L, "%s: %s", filename, strerror(errno)); ./rts/lib/lua/src/liolib.cpp: return luaL_error(L, "%s", strerror(errno)); ./rts/System/LoadSave/DemoRecorder.cpp: demoName.c_str(), wantedName.c_str(), strerror(errno)); ./rts/System/FileSystem/FileSystemAbstraction.cpp: LOG_L(L_WARNING, "Could not create directory %s: %s", dir.c_str(), strerror(errno)); ./rts/System/FileSystem/FileSystemAbstraction.cpp: LOG_L(L_WARNING, "Could not delete file %s: %s", file.c_str(), strerror(errno)); ./rts/System/Platform/Misc.cpp: execError = strerror(errno); ./rts/System/Sync/Logger.cpp: fprintf(logfile, " %s\n", strerror(errno)); | ||||||||||||
| Tags | No tags attached. | ||||||||||||
| Checked infolog.txt for Errors | |||||||||||||
| Attached Files |
| ||||||||||||
 Relationships |
|
 Relationships |
| Notes |
|
| There are no notes attached to this issue. |
| Notes |
| Issue History |
|||
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2011-12-14 11:11 | abma | New Issue | |
| 2011-12-14 11:13 | abma | Additional Information Updated | |
| Issue History |