From owner-freebsd-audit  Thu Apr 26 20:50:37 2001
Delivered-To: freebsd-audit@freebsd.org
Received: from mailman.zeta.org.au (mailman.zeta.org.au [203.26.10.16])
	by hub.freebsd.org (Postfix) with ESMTP id 3890037B42C
	for <freebsd-audit@FreeBSD.ORG>; Thu, 26 Apr 2001 20:50:34 -0700 (PDT)
	(envelope-from bde@zeta.org.au)
Received: from bde.zeta.org.au (bde.zeta.org.au [203.2.228.102])
	by mailman.zeta.org.au (8.9.3/8.8.7) with ESMTP id NAA13576;
	Fri, 27 Apr 2001 13:50:26 +1000
Date: Fri, 27 Apr 2001 13:49:23 +1000 (EST)
From: Bruce Evans <bde@zeta.org.au>
X-Sender: bde@besplex.bde.org
To: "Andrew R. Reiter" <arr@watson.org>
Cc: freebsd-audit@FreeBSD.ORG
Subject: Re: audit work:  libc's setenv() and putenv()
In-Reply-To: <Pine.NEB.3.96L.1010426191933.61693A-100000@fledge.watson.org>
Message-ID: <Pine.BSF.4.21.0104271330300.2367-100000@besplex.bde.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-audit@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Thu, 26 Apr 2001, Andrew R. Reiter wrote:

> Although, the actions of putenv("=blah"); returning 0 seems weird and
> after talking to Theo a bit.. I've kind of decided to retract this patch
> :-)
> 
> Basically, the sanity checks should not be there.. which I was questioning
> anyway (check below).

Yes, they are like sanity checks for strlen(NULL).  Returning an error code
is worse than dumping core.

I prefer a core dump for setenv("=blah") too.  The behaviour is currently
non-deterministic.

> Also, since openbsd, solaris _and_ freebsd all do
> the returning of 0 on the above call, then I think it would be bad to
> change this functionality.  

Hardly anything checks for errors from setenv() of course.  E.g., the
not unimportant login utility "handles" errors from setenv() by explicitly
ignoring them.

Bruce


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-audit" in the body of the message