From owner-freebsd-current  Sat Oct 14 15:37:32 1995
Return-Path: owner-current
Received: (from root@localhost)
          by freefall.freebsd.org (8.6.12/8.6.6) id PAA20335
          for current-outgoing; Sat, 14 Oct 1995 15:37:32 -0700
Received: from godzilla.zeta.org.au (godzilla.zeta.org.au [203.2.228.19])
          by freefall.freebsd.org (8.6.12/8.6.6) with ESMTP id PAA20327
          for <freebsd-current@freefall.freebsd.org>; Sat, 14 Oct 1995 15:37:28 -0700
Received: (from bde@localhost) by godzilla.zeta.org.au (8.6.9/8.6.9) id IAA27701; Sun, 15 Oct 1995 08:35:20 +1000
Date: Sun, 15 Oct 1995 08:35:20 +1000
From: Bruce Evans <bde@zeta.org.au>
Message-Id: <199510142235.IAA27701@godzilla.zeta.org.au>
To: jc@irbs.com, terry@lambert.org
Subject: Re: phkmalloc and X programs
Cc: freebsd-current@freefall.freebsd.org
Sender: owner-current@FreeBSD.org
Precedence: bulk

>> Here is another broken X program.  Notice the assumption that
>> malloc() returns zeroed memory.
>> 
>> xhost.c:
>> 
>>     namelen = strlen(name);
>>     if ((lname = (char *)malloc(namelen)) == NULL) {
>>         fprintf (stderr, "%s: malloc bombed in change_host\n", ProgramName);
>>         exit (1);
>>     }
>>     for (i = 0; i < namelen; i++) {
>>         lname[i] = tolower(name[i]);
>>     }
>>     if (!strncmp("inet:", lname, 5)) {
>>     ...
>>     ...

>The only assumption in this code is that namelen is >= 5.

Nope.  Suppose lname is initially "INOT:" and name is "inet"

>There is no assumption of numm termination on the lname string implicit
>in the malloc; if there were, it would be "namelen = strlen(name) + 1;".

That may be why the author thought that termination was unnecessary.

Bruce