Date:      Mon, 30 Apr 2007 12:54:45 -0400
From:      John Baldwin <jhb@freebsd.org>
To:        "Andrey A. Chernov" <ache@freebsd.org>
Cc:        cvs-src@freebsd.org, src-committers@freebsd.org, cvs-all@freebsd.org
Subject:   Re: cvs commit: src/usr.sbin/sysinstall main.c
Message-ID:  <200704301254.45807.jhb@freebsd.org>
In-Reply-To: <200704301229.21190.jhb@freebsd.org>
References:  <200704301516.l3UFGJbu019162@repoman.freebsd.org> <200704301229.21190.jhb@freebsd.org>

On Monday 30 April 2007 12:29:20 pm John Baldwin wrote:
> On Monday 30 April 2007 11:16:19 am Andrey A. Chernov wrote:
> > ache        2007-04-30 15:16:19 UTC
> > 
> >   FreeBSD src repository
> > 
> >   Modified files:
> >     usr.sbin/sysinstall  main.c 
> >   Log:
> >   Preparing for upcoming POSIXed putenv() rewrite:
> >   don't allow const as putenv() arg, dup it
> 
> Have you coordinated at all with the guy on current@ who has patches to make
> setenv(3) not leak memory as bad?  Also, given that we malloc a limited space
> for the string values, I don't see how you can make it so that one can always
> just overwrite the string pointed to by putenv(3)'s return value to change
> the value.  If we malloc a buffer for length N and the user wants to set the 
> length to M > N, we pretty much have to malloc a new buffer that will end up 
> at a different address, so places holding onto the previous value returned 
> from putenv(3) will stop seeing updates.

Hmm, I think I see that this is orthogonal to the setenv(3) fix, but still, if 
one does this:

	char *cp = strdup("FOO=bar");
	putenv(cp);
	...
	setenv("FOO", "baz", 1);
	...
	setenv("FOO", "really_long_string", 1);
	...
	printf("FOO: %s\n", cp + 4);

You are going to get 'baz' in the printf output.  Or if one does:

	char *cp = strdup("FOO=bar");
	putenv(cp);
	...
	setenv("FOO", "really_long_string", 1);
	...
	strcpy(cp + 4, "baz");
	...
	printf("FOO: %s\n", getenv("FOO"));

You are going to get 'really_long_string' in the printf output, and not 'baz'.

-- 
John Baldwin
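
The two cases from the message above, as an added C example that is not part of the original e-mail or of FreeBSD's code: it checks at run time whether a pointer handed to putenv() is still the live environment entry after setenv(), which is what any code that updates or scrubs a variable through a held pointer depends on. It assumes a POSIX putenv() that keeps the caller's buffer in the environment; the helper names are hypothetical.

```c
#define _XOPEN_SOURCE 700               /* for strdup(), putenv(), setenv() */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* 1 if getenv(name) still points into the buffer handed to putenv(), i.e.
 * writes through `held` are still visible in the environment. */
static int alias_is_live(const char *name, const char *held)
{
    const char *cur = getenv(name);
    return cur != NULL && cur == held + strlen(name) + 1;   /* skip "NAME=" */
}

/* First case: setenv() a value that fits in the old buffer. Returns 1 if libc
 * overwrote cp in place (what the message describes), 0 if it switched to a
 * buffer of its own, -1 on error. cp is never freed here: who owns it after
 * putenv() depends on the libc. */
static int inplace_after_short_setenv(void)
{
    char *cp = strdup("FOO=bar");
    if (cp == NULL || putenv(cp) != 0 || setenv("FOO", "baz", 1) != 0)
        return -1;
    const char *now = getenv("FOO");
    if (now == NULL || strcmp(now, "baz") != 0)
        return -1;
    return alias_is_live("FOO", cp);
}

/* Second case: setenv() a longer value, then write through the old pointer.
 * Returns 1 if the environment ignored the write (stale alias), 0 if it saw
 * the write or lost the variable, -1 on setup error. */
static int stale_after_longer_setenv(void)
{
    char *cp = strdup("FOO=bar");
    if (cp == NULL || putenv(cp) != 0 || !alias_is_live("FOO", cp))
        return -1;
    if (setenv("FOO", "really_long_string", 1) != 0)
        return -1;
    strcpy(cp + 4, "baz");              /* same length as "bar", so it fits */
    const char *now = getenv("FOO");
    return now != NULL && !alias_is_live("FOO", cp)
        && strcmp(now, "really_long_string") == 0;
}

int main(void)
{
    printf("short setenv wrote in place: %d\n", inplace_after_short_setenv());
    printf("alias stale after long setenv: %d\n", stale_after_longer_setenv());
    return 0;
}
```

The result of the first case depends on the libc, so the program reports it rather than assuming it.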


