From: Jilles Tjoelker
Date: Fri, 4 Jan 2013 16:28:22 +0100
To: Mateusz Guzik
Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org, David Xu
Subject: Re: svn commit: r245036 - head/sys/kern
Message-ID: <20130104152822.GA69526@stack.nl>
In-Reply-To: <20130104113354.GB26239@dft-labs.eu>

On Fri, Jan 04, 2013 at 12:33:54PM +0100, Mateusz Guzik wrote:
> On Fri, Jan 04, 2013 at 11:11:13AM +0000, David Xu wrote:
> > Author: davidxu
> > Date: Fri Jan 4 11:11:12 2013
> > New Revision: 245036
> > URL: http://svnweb.freebsd.org/changeset/base/245036
> >
> > Log:
> >   Revert revision 244760 because strncpy pads trailing space with zero,
> >   this prevents kernel data from being leaked.
>
> I think it would be better to teach strlcpy to zero-pad as well.

Because the buffer is usually much bigger than the string and
overwriting the entire buffer is usually not necessary, I think changing
strlcpy to fill the buffer would needlessly give up performance.

Besides, there are many existing implementations of strlcpy that do not
fill the buffer. Therefore, portable code still needs to zero-pad if it
relies on that.

Also, zero-padding will actively break incorrect programs that pass too
high size parameters to strlcpy but strings that fit in the actual
buffer. This might threaten the stability of head.

If you want this, it makes more sense to create a new function.

-- 
Jilles Tjoelker
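
The difference the thread turns on, as an added example that is not part of the original message or the FreeBSD source: it counts how many stale bytes remain in a fixed-size buffer after each copy style, which is what copying the whole buffer out to userland would disclose. `demo_strlcpy`, `BUFSZ`, the `0xAA` fill pattern and the sample string are assumptions made for the illustration.

```c
#include <stdio.h>
#include <string.h>

#define BUFSZ 32   /* constructed size, not taken from the commit */
#define STALE 0xAA /* stands in for leftover kernel stack/heap bytes */

/* Local stand-in with strlcpy semantics: copy, NUL-terminate, no padding. */
static size_t demo_strlcpy(char *dst, const char *src, size_t size)
{
    size_t len = strlen(src);
    if (size != 0) {
        size_t n = len < size - 1 ? len : size - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return len;
}

/* Bytes still holding the stale pattern, i.e. what exporting the full buffer leaks. */
static size_t stale_bytes(const char *buf, size_t size)
{
    size_t n = 0;
    for (size_t i = 0; i < size; i++)
        n += ((unsigned char)buf[i] == STALE);
    return n;
}

/* mode 0: strlcpy only; 1: strncpy + explicit terminator; 2: memset + strlcpy */
static size_t leak_after_copy(int mode, const char *name)
{
    char buf[BUFSZ];
    memset(buf, STALE, sizeof(buf));     /* simulate uninitialized memory */
    if (mode == 0) {
        demo_strlcpy(buf, name, sizeof(buf));
    } else if (mode == 1) {
        strncpy(buf, name, sizeof(buf)); /* zero-pads the tail */
        buf[sizeof(buf) - 1] = '\0';     /* strncpy does not terminate on truncation */
    } else {
        memset(buf, 0, sizeof(buf));     /* the portable zero-padding from the reply */
        demo_strlcpy(buf, name, sizeof(buf));
    }
    return stale_bytes(buf, sizeof(buf));
}

int main(void)
{
    for (int mode = 0; mode < 3; mode++) /* "sh" is a constructed sample string */
        printf("mode %d: %zu stale bytes\n", mode, leak_after_copy(mode, "sh"));
    return 0;
}
```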