Darren,
> > For just a plain string I think you'll see people do add_tag(&evt,
> > "TAG", string, strlen(string));. That should be discouraged,
> > especially if string is somehow derived from user input.
>
> Why ? Maybe it is necssary to return a value from
> event_tag() and have it "fail" if the "TAG" arg contains bad data ?
Darren, I think the point was that strlen("My \0 log contains") would be
3 ;). But If that is the point, there are numerous other issues in
relation to the run time library...
> Something I would like to remind people about, here, is that
> the transmission of data may not look anything like the
> storing of it in log files. Both have completely different
> purposes so there should be no reason to make their content
> the same (?). Hence the protocol data need not be "grep'able".
Sure ... But I think in order to stay consistent with what is currently
implemented, it is not a bad idea to stick with textual data...
Rainer
_______________________________________________
LogAnalysis mailing list
LogAnalysisat_private
http://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2b30 : Fri Dec 20 2002 - 20:07:07 PST