From owner-freebsd-commit  Fri Sep 15 07:06:36 1995
Return-Path: owner-commit
Received: (from root@localhost)
          by freefall.freebsd.org (8.6.12/8.6.6) id HAA04053
          for freebsd-commit-outgoing; Fri, 15 Sep 1995 07:06:36 -0700
Received: (from root@localhost)
          by freefall.freebsd.org (8.6.12/8.6.6) id HAA04028
          for cvs-all-outgoing; Fri, 15 Sep 1995 07:06:31 -0700
Received: (from root@localhost)
          by freefall.freebsd.org (8.6.12/8.6.6) id HAA04014
          for cvs-lib-outgoing; Fri, 15 Sep 1995 07:06:29 -0700
Received: from jhome.DIALix.COM (jhome.DIALix.COM [192.203.228.69])
          by freefall.freebsd.org (8.6.12/8.6.6) with ESMTP id HAA03994
          ; Fri, 15 Sep 1995 07:06:12 -0700
Received: (from peter@localhost) by jhome.DIALix.COM (8.6.12/8.6.9) id WAA01358; Fri, 15 Sep 1995 22:05:34 +0800
Date: Fri, 15 Sep 1995 22:05:33 +0800 (WST)
From: Peter Wemm <peter@jhome.DIALix.COM>
To: CVS-commiters@freefall.freebsd.org, cvs-lib@freefall.freebsd.org
Subject: Re: cvs commit: src/lib/libc/gen syslog.c
In-Reply-To: <199509151353.GAA02069@freefall.freebsd.org>
Message-ID: <Pine.BSF.3.91.950915215901.950C-100000@jhome.DIALix.COM>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-commit@FreeBSD.org
Precedence: bulk

On Fri, 15 Sep 1995, Peter Wemm wrote:
> 
> peter       95/09/15 06:53:41
> 
>   Modified:    lib/libc/gen  syslog.c
>   Log:
>   Fix security bugs with a "new approach", using stdio's powerful buffer
>   control hooks.
>   It is similar to an unrolled multi-part snprintf(), in that a "FILE *" is
>   attached to a string buffer.  There is also an optimisation for the case
>   where the syslog format string does not contain %m, which should improve
>   performance of "informational" logging, like from ftpd.
> 

In case anybody looks over this and sees that tbuf is not null 
terminated, that is intentional.  In the original implementation it 
wasn't either, and I dont use tbuf as a "c-style string" anywhere.. It's
just a bunch of arbitary bytes.  fmt_cpy *is* used as a c-style string, 
and is null terminated.

Since this is attacking the problem from a different angle, it is 
possible that it might trip something up somewhere, but I've been running 
this (and earlier versions) in my libc for a while without any problems 
(other than mistakes caused by self inflicted stupidity.. :-).

-Peter