Wireshark-dev: Re: [Wireshark-dev] ep_alloc overused?
From: Guy Harris <[email protected]>
Date: Sat, 24 Oct 2009 19:14:30 -0700
On Oct 24, 2009, at 3:03 PM, Jakub Zawadzki wrote:

Code is ok, and works fine... But I've got 3 questions:
1/ There's ep_strdup_printf() function - shouldn't it be used in cases like it?
    (IMHO best way)
That would be the right choice...

...if info_str were used for something other than col_add_str().

However, in that *particular* case, it's not used for anything else, so it should just use col_add_fstr() in each of the case statements. (Oh, and not use check_col() any more; that's deprecated.)
 2/ Why ep memory is used in first place, shouldn't be
	gchar info_str[200];
    used instead of
	gchar *info_str = ep_alloc(200); ?
Maybe the theory was that overflowing an ep_allocated buffer is better  
than overflowing a stack buffer, but
	1) it's g_snprintf, so you shouldn't *have* a buffer overflow

and

2) as long as you're ep_allocating it, you might as well use ep_strdup_printf().
 3/ 200 bytes buffer is overkill - shouldn't g_sprintf() be used?
(if programmer make mistake in buffer size canary check will abort program)
I wouldn't vote for g_sprintf() - or any other flavor of sprintf(); I  
don't want to rely on anything else to abort the program if you  
overflow the buffer.
or both 4 ways are ok, and there's no best one? :)
I think the base way to handle this *particular* case is to use  
col_add_fstr().