Date: Thu, 18 Jan 2001 10:31:51 +0000
From: Tony Finch <dot@dotat.at>
To: Warner Losh <imp@harmony.village.org>
Cc: Chris Faulhaber <jedgar@fxp.org>, freebsd-audit@FreeBSD.ORG
Subject: Re: strlcat fixes
Message-ID: <20010118103151.F30538@hand.dotat.at>
In-Reply-To: <200101162305.f0GN51s32264@harmony.village.org>
References: <20010116174845.A95772@peitho.fxp.org> <200101162305.f0GN51s32264@harmony.village.org>

Warner Losh <imp@harmony.village.org> wrote:
>In message <20010116174845.A95772@peitho.fxp.org> Chris Faulhaber writes:
>: The first ensures that memory is not read if strlcat is
>: called with a 0 size, ensuring potentially unallocated
>: memory is not read:
>:
>: - while (*d != '\0' && n-- != 0)
>: + while (n-- != 0 && *d != '\0')
>
>This doesn't matter. The only time this would matter would be if dst
>was NULL, which is undefined anyway. There's no reason to change this
>and it makes us gratuitously different than OpenBSD.

That is not correct. A possible situation in which the old code can
blow up is if the dst pointer has been advanced through a malloc()ed
array, and for some reason has reached one past the end of the array
(a legal pointer value, but not dereferenceable) and is therefore
pointing into outer space (past sbrk(0)).

Tony.
-- 
f.a.n.finch fanf@covalent.net dot@dotat.at
"Because all you of Earth are idiots!"
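
Review bot: in the `+` line, `n--` is now evaluated before the `*d != '\0'` test, so when the loop stops at the terminator n has already been decremented, where the `-` line left it untouched through short-circuiting. If anything after the loop uses n as the remaining space it would be off by one; recompute n from d after the loop, or say in a comment that n is dead at that point. Because the point of the reordering is when `*d` may be read, a one-line comment stating that the size test must come first would also keep the operands from being swapped back later.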
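
The case described in the reply, as an added example that is not part of the original message or of the FreeBSD or OpenBSD sources: a buffer is placed directly before an inaccessible page (POSIX `mmap`/`mprotect`), so any read one past its end faults. The helper names `scan_dst`, `page_before_guard` and `scan_at_end_of_buffer` are hypothetical, and the example also covers a full buffer with no NUL in it, which goes slightly beyond the 0-size case in the thread.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1   /* for MAP_ANONYMOUS on glibc */
#endif
#include <stddef.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Hypothetical helper: length of the string at dst, reading at most siz
 * bytes. The size test comes first, as in the '+' line of the patch. */
static size_t scan_dst(const char *dst, size_t siz)
{
    const char *d = dst;
    size_t n = siz;
    while (n-- != 0 && *d != '\0')
        d++;
    return (size_t)(d - dst);
}

/* Map two pages and make the second inaccessible, so the byte just past
 * the first page faults on any read. Returns the first page or NULL. */
static char *page_before_guard(size_t *pagesz)
{
    long ps = sysconf(_SC_PAGESIZE);
    char *p;
    if (ps <= 0)
        return NULL;
    p = mmap(NULL, 2 * (size_t)ps, PROT_READ | PROT_WRITE,
             MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED || mprotect(p + ps, (size_t)ps, PROT_NONE) != 0)
        return NULL;
    *pagesz = (size_t)ps;
    return p;
}

/* Constructed scenario: fill the page, advance to one past its end, and
 * scan with the 0 bytes that remain. Returns 0 if nothing was read. */
int scan_at_end_of_buffer(void)
{
    size_t ps;
    char *buf = page_before_guard(&ps);
    if (buf == NULL)
        return -1;
    memset(buf, 'A', ps);                /* no NUL anywhere in the buffer */
    if (scan_dst(buf, ps) != ps)         /* bounded scan stops at siz */
        return -2;
    return (int)scan_dst(buf + ps, 0);   /* one past the end, size 0 */
}

int main(void) { return scan_at_end_of_buffer(); }
```

With the operands in the order of the `-` line, both calls in `scan_at_end_of_buffer` would dereference the first byte of the guard page and the process would receive SIGSEGV.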