On Wednesday 08 February 2012 18:35:28 Doug Anderson wrote:
On Thu, Feb 2, 2012 at 1:21 PM, Mike Frysinger wrote:
On Thursday 02 February 2012 04:11:27 Chander Kashyap wrote:
+int main(int argc, char **argv) +{ ...
unsigned char buffer[BUFSIZE] = {0};
this is an implicit memset() and from what i can see in the code, useless. you read() the entire buffer, so there's no need to initialize it.
Funny, I was just about to submit a patch to add this = {0} myself when I found this message. ;) I would say that it (or a memset, whichever people prefer) is a good idea so that this tool can be used to make a reasonable SPL out of any source binary executable, even ones that are smaller than 14K.
you're right ... i'll claim that i was deceived by the lack of input checking. sounds like the code should be aborting if the input is too large instead of silently truncating. then the memset/{0} is unnecessary: - write out the data read - lseek to the checksum position - write checksum - ftruncate to total length (16KiB?) -mike