From: Jeff King <peff@peff.net>
Date: Tue, 24 Jul 2018 09:26:39 +0000 (-0400)
Subject: banned.h: mark strcat() as banned
X-Git-Tag: v2.19.0-rc0~68^2~2
X-Git-Url: https://git.lorimer.id.au/gitweb.git/diff_plain/1b11b64b815db62f93a04242e4aed5687a448748

banned.h: mark strcat() as banned

The strcat() function has all of the same overflow problems
as strcpy(). And as a bonus, it's easy to end up
accidentally quadratic, as each subsequent call has to walk
through the existing string.

The last strcat() call went away in f063d38b80 (daemon: use
cld->env_array when re-spawning, 2015-09-24). In general,
strcat() can be replaced either with a dynamic string
(strbuf or xstrfmt), or with xsnprintf if you know the
length is bounded.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
---

diff --git a/banned.h b/banned.h
index 1a3e526570..34f22a4c25 100644
--- a/banned.h
+++ b/banned.h
@@ -12,5 +12,7 @@
 
 #undef strcpy
 #define strcpy(x,y) BANNED(strcpy)
+#undef strcat
+#define strcat(x,y) BANNED(strcat)
 
 #endif /* BANNED_H */