From owner-freebsd-hackers Tue Feb 20 6:11:21 2001 Delivered-To: freebsd-hackers@freebsd.org Received: from smtp.nettoll.com (matrix.nettoll.net [212.155.143.61]) by hub.freebsd.org (Postfix) with ESMTP id 1C3A937B491 for ; Tue, 20 Feb 2001 06:11:19 -0800 (PST) (envelope-from usebsd@free.fr) Received: by smtp.nettoll.com; Tue, 20 Feb 2001 15:08:39 +0100 (MET) Message-Id: <4.3.0.20010220150656.060411a0@pop.free.fr> X-Sender: usebsd@pop.free.fr X-Mailer: QUALCOMM Windows Eudora Version 4.3 Date: Tue, 20 Feb 2001 15:10:41 +0100 To: Matt Dillon From: mouss Subject: Re: Staticaly allocated buffers in library. Is it correct? Cc: "Andrey Simonenko" , freebsd-hackers@FreeBSD.ORG In-Reply-To: <200102192046.f1JKkl738082@earth.backplane.com> References: <96rash$1m1d$1@igloo.uran.net.ua> <4.3.0.20010219200743.054eae40@pop.free.fr> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG At 12:46 19/02/01 -0800, Matt Dillon wrote: > Yes, but we are talking about simple stupid config files here. Programs > which actually tokenize an input stream typically do not use fgets(). > Tokenizers either use [f]lex, [f]getc(), read() (and handle the buffering > themselves), or mmap(). I used the tokenize() just as an example. I consider that every program that reads a line thinks it is a line and that the next fgets will read the _next_ line. but fgets doesn't guarantee that. so we have the following alternatives: - assume the file is well formed (no too long lines). - check that the lines are not too long. I personally prefer the second alternative. It has a cost, but this is more robust. How many times have we seen things assumed for some time, and then the code reused by someone else in another purpose but failing to check that the assumptions are no more true. This has often resulted in security problems. So I'd go for "trust BUT control". and this is even more important in library functions. cheers, mouss To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message