Date:      Wed, 17 Jul 2013 11:35:56 +0300
From:      Andriy Gapon <avg@FreeBSD.org>
To:        Andrey Chernov <ache@FreeBSD.org>
Cc:        svn-src-head@FreeBSD.org, svn-src-all@FreeBSD.org, src-committers@FreeBSD.org
Subject:   Re: svn commit: r253380 - head/lib/libc/stdlib
Message-ID:  <51E6576C.6010000@FreeBSD.org>
In-Reply-To: <51E62B37.8080900@freebsd.org>
References:  <201307160726.r6G7QlwE045679@svn.freebsd.org> <51E61950.5090206@freebsd.org> <51E62219.1090006@freebsd.org> <51E62B37.8080900@freebsd.org>

on 17/07/2013 08:27 Andrey Chernov said the following:
> On 17.07.2013 8:48, Andrey Chernov wrote:
>> On 17.07.2013 8:10, Andrey Chernov wrote:
>>> On 16.07.2013 11:26, Andriy Gapon wrote:
>>>> Modified: head/lib/libc/stdlib/getenv.c
>>>> ==============================================================================
>>>> --- head/lib/libc/stdlib/getenv.c	Tue Jul 16 06:50:22 2013	(r253379)
>>>> +++ head/lib/libc/stdlib/getenv.c	Tue Jul 16 07:26:46 2013	(r253380)
>>>> @@ -505,7 +505,7 @@ __setenv(const char *name, size_t nameLe
>>>>  		envVars[envNdx].valueSize = valueLen;
>>>>  
>>>>  		/* Save name of name/value pair. */
>>>> -		env = stpcpy(envVars[envNdx].name, name);
>>>> +		env = stpncpy(envVars[envNdx].name, name, nameLen);
>>>>  		if ((envVars[envNdx].name)[nameLen] != '=')
>>>>  			env = stpcpy(env, "=");
>>>>  	}
>>>>
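Review bot: The check right after the new stpncpy call, (envVars[envNdx].name)[nameLen] != '=', reads a byte this hunk never writes. stpncpy stores at most nameLen bytes and adds no terminator when name is at least that long, so index nameLen keeps whatever the buffer held before the call. If that byte is anything other than '=', the branch writes the separator and advances env; if it happens to be '=', the separator is in place but env is left at index nameLen instead of one past it. Suggest dropping the condition and appending the separator unconditionally, for example `*env++ = '=';` directly after the stpncpy call, and adding a short comment saying why the copy is bounded by nameLen.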
>>>
>>> I am not sure what you are trying to fix, but you just made the next line's
>>> condition unpredictably random, since (envVars[envNdx].name)[nameLen] is
>>> never filled now and there is freshly malloced memory content, which is
>>> picked for the != '=' comparison.
>>>
>>> Please back it out or fix.
>>
>> If I understand that right, the correct version will be:
>>
>> env = stpncpy(envVars[envNdx].name, name, nameLen);
>> env = stpcpy(env, "=");
>>
>> The condition check is not needed.
> 
> Microoptimized:
> 
> env = stpncpy(envVars[envNdx].name, name, nameLen);
> *env++ = '=';
> 

In fact, I think that the currently committed code is not functionally broken,
just weird.
It is equivalent to:

x = uninitialized_value;
if (x != X)
	x = X;
/*
else
	assert(x == X);
 */

which should be completely equivalent to just

x = X;

despite x starting out with random junk.

-- 
Andriy Gapon
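
The stpncpy behaviour this thread turns on, as an added example that is not part of the original message or of the FreeBSD source. The two function names, the stack buffer standing in for envVars[envNdx].name, the fill bytes and the PATH input are all constructed for illustration; the program reports where env ends up for three different pre-existing bytes at index nameLen.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* for stpncpy() and stpcpy() */
#endif
#include <stdio.h>
#include <string.h>

/* Shape of the lines committed in r253380. buf stands in for
 * envVars[envNdx].name and is pre-filled with `junk` to model unknown
 * prior contents (assumption). Returns the offset of env within buf. */
size_t save_name_committed(char *buf, size_t bufLen, char junk,
                           const char *name, size_t nameLen)
{
	char *env;

	memset(buf, junk, bufLen);
	env = stpncpy(buf, name, nameLen);  /* writes buf[0..nameLen-1] only */
	if (buf[nameLen] != '=')            /* byte that stpncpy did not write */
		env = stpcpy(env, "=");
	return (size_t)(env - buf);
}

/* Shape proposed in the thread: append '=' unconditionally. */
size_t save_name_proposed(char *buf, size_t bufLen, char junk,
                          const char *name, size_t nameLen)
{
	char *env;

	memset(buf, junk, bufLen);
	env = stpncpy(buf, name, nameLen);
	*env++ = '=';
	return (size_t)(env - buf);
}

int main(void)
{
	const char junk[] = { 'Z', '\0', '=' };  /* constructed fill bytes */
	char buf[16];

	for (size_t i = 0; i < sizeof(junk); i++) {
		size_t c = save_name_committed(buf, sizeof(buf), junk[i], "PATH=/bin", 4);
		size_t p = save_name_proposed(buf, sizeof(buf), junk[i], "PATH=/bin", 4);
		printf("fill=0x%02x committed env offset=%zu proposed env offset=%zu\n",
		    (unsigned char)junk[i], c, p);
	}
	return 0;
}
```

In every case buf begins with "PATH="; the only thing that varies is the env offset of the committed shape, which is 4 when the fill byte is '=' and 5 otherwise, while the proposed shape always yields 5.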


