http-push: replace strcat with xsnprintf

We account for these strcats in our initial allocation, but the code is confusing to follow and verify. Let's remember our original allocation length, and then xsnprintf can verify that we don't exceed it. Note that we can't just use xstrfmt here (which would be even cleaner) because the code tries to grow the buffer only when necessary. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
author: Jeff King <peff@peff.net> 2015-09-24 17:06:58 -0400
committer: Junio C Hamano <gitster@pobox.com> 2015-09-25 10:18:18 -0700
commit: 0cc41428596ec1cd3862918ef781793ef7346ba5 (patch)
tree: e24056a8c9430b9d9f58dc4e416931a00c396cf9
parent: 48bcc1c3cc09db1a6da0ce47460fae6e5f7edd4b (diff)
download: git-0cc41428596ec1cd3862918ef781793ef7346ba5.tar.gz
1 files changed, 4 insertions, 4 deletions
diff --git a/http-push.c b/http-push.c
index 1f3788f634..37baff818f 100644
--- a/http-push.c
+++ b/http-push.c
@@ -786,21 +786,21 @@ xml_start_tag(void *userData, const char *name, const char **atts)
 {
 	struct xml_ctx *ctx = (struct xml_ctx *)userData;
 	const char *c = strchr(name, ':');
-	int new_len;
+	int old_namelen, new_len;
 
 	if (c == NULL)
 		c = name;
 	else
 		c++;
 
-	new_len = strlen(ctx->name) + strlen(c) + 2;
+	old_namelen = strlen(ctx->name);
+	new_len = old_namelen + strlen(c) + 2;
 
 	if (new_len > ctx->len) {
 		ctx->name = xrealloc(ctx->name, new_len);
 		ctx->len = new_len;
 	}
-	strcat(ctx->name, ".");
-	strcat(ctx->name, c);
+	xsnprintf(ctx->name + old_namelen, ctx->len - old_namelen, ".%s", c);
 
 	free(ctx->cdata);
 	ctx->cdata = NULL;
author	Jeff King <peff@peff.net>	2015-09-24 17:06:58 -0400
committer	Junio C Hamano <gitster@pobox.com>	2015-09-25 10:18:18 -0700
commit	0cc41428596ec1cd3862918ef781793ef7346ba5 (patch)
tree	e24056a8c9430b9d9f58dc4e416931a00c396cf9
parent	48bcc1c3cc09db1a6da0ce47460fae6e5f7edd4b (diff)
download	git-0cc41428596ec1cd3862918ef781793ef7346ba5.tar.gz