From owner-freebsd-hackers  Thu Jul 15 16:34:15 1999
Delivered-To: freebsd-hackers@freebsd.org
Received: from dingo.cdrom.com (dingo.cdrom.com [204.216.28.145])
	by hub.freebsd.org (Postfix) with ESMTP id 130601562D
	for <freebsd-hackers@FreeBSD.ORG>; Thu, 15 Jul 1999 16:34:13 -0700 (PDT)
	(envelope-from mike@dingo.cdrom.com)
Received: from dingo.cdrom.com (localhost.cdrom.com [127.0.0.1])
	by dingo.cdrom.com (8.9.3/8.8.8) with ESMTP id QAA01720;
	Thu, 15 Jul 1999 16:29:53 -0700 (PDT)
	(envelope-from mike@dingo.cdrom.com)
Message-Id: <199907152329.QAA01720@dingo.cdrom.com>
X-Mailer: exmh version 2.0.2 2/24/98
To: Paul Hart <hart@iserver.com>
Cc: Julian Elischer <julian@whistle.com>, freebsd-hackers@FreeBSD.ORG
Subject: Re: OpenBSD's strlcpy(3) and strlcat(3) 
In-reply-to: Your message of "Thu, 15 Jul 1999 17:20:52 MDT."
             <Pine.BSF.3.96.990715171650.19105D-100000@anchovy.orem.iserver.com> 
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Thu, 15 Jul 1999 16:29:53 -0700
From: Mike Smith <mike@smith.net.au>
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

> On Thu, 15 Jul 1999, Julian Elischer wrote:
> 
> > There was a talk on these (strlcpy(3) and strlcat(3)) at USENIX.
> > The logic as to their design was presented and I agree totally with 
> > the way that the logic was played out into the functions.
> > 
> > They are described in the FreeNIX proceedings on page 175.
> > I feel they make a lot more sense that teh present version sand we should
> > support OpenBSD's application to Posix to make them standard.
> 
> Yes, this discussion started out on freebsd-security and when I first
> wrote about it, I mentioned the paper at USENIX by Todd Miller and Theo de
> Raadt.  It was later mentioned that the paper and accompanying slides are
> available at:
> 
>     http://www.openbsd.org/papers/strlcpy-paper.ps
>     http://www.openbsd.org/papers/strlcpy-slides.ps
> 
> I think each function is well thought out and I think they'd be a great
> addition to FreeBSD.

Ugh.  Take the first example in the paper; it rewrites as

	len = asprintf(&path, "%s/.foorc");

as opposed to

	strlcat(path, homedir, sizeof(path));
	strlcat(path, "/", sizeof(path));
	strlcat(path, ".foord", sizeof(path));
	len = strlen(path);

Yes, they're a better str*cat/cpy, but they're not the solution that 
they claim to be.

-- 
\\  The mind's the standard       \\  Mike Smith
\\  of the man.                   \\  msmith@freebsd.org
\\    -- Joseph Merrick           \\  msmith@cdrom.com




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message