From: Oleg Moskalenko
To: 'Robert Watson', Mateusz Guzik
Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org, David Xu
Date: Fri, 4 Jan 2013 12:56:56 -0800
Subject: RE: svn commit: r245036 - head/sys/kern

> -----Original Message-----
>
> I think it would be better to teach strlcpy to zero-pad as well.
>
> I'd rather we created new functions with new names that add the non-portable
> zeroing behaviour -- perhaps strlpcpy() and strnpcpy(), or something equally
> incomprehensible. This semantic may actually trigger bugs in code that is
> correct (albeit badly written) using strncpy() and strlcpy() in a way that never fully
> fills the buffer (due to some external invariant) and has an incorrect bounds
> check -- and potentially trigger performance problems when target buffers are
> much larger than the copied data.
>
> Robert
> _______________________________________________

Robert is right - it is not a good idea to rely on a non-standard "smart" behavior of basic functions. If the developer wants to code it "securely", he/she can always use his own wrappers around strncpy() etc. Any inherent built-in behavior that is not "standard" affects future maintenance of the code.

Oleg
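The three behaviours the thread contrasts, as an added C example that is not part of this thread or of the FreeBSD tree: strncpy() zero-pads but does not guarantee a terminator, strlcpy() terminates but leaves the tail untouched, and a zero-padding strlcpy (named strlpcpy() here only because Robert floats that name; it is an assumption, not an existing API) would do both. strlcpy is reimplemented under the name ref_strlcpy so the probe builds on any libc, and the input strings are constructed for the demonstration.

```c
#include <string.h>
typedef size_t (*copyfn)(char *, const char *, size_t);
/* strlcpy(3) semantics as on OpenBSD/FreeBSD, reimplemented so this builds on any
 * libc: copy at most size-1 bytes, NUL-terminate, bytes past the NUL untouched. */
size_t ref_strlcpy(char *dst, const char *src, size_t size)
{
    size_t srclen = strlen(src);
    if (size > 0) {
        size_t n = srclen < size - 1 ? srclen : size - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return srclen;
}

/* The zero-padding variant the thread debates, named strlpcpy() as Robert floats
 * (an assumed name, not a FreeBSD API): strlcpy contract plus strncpy-style padding. */
size_t strlpcpy_example(char *dst, const char *src, size_t size)
{
    size_t srclen = ref_strlcpy(dst, src, size);
    if (size > 0) {
        size_t n = srclen < size - 1 ? srclen : size - 1;
        memset(dst + n + 1, 0, size - n - 1);   /* pad after the NUL */
    }
    return srclen;
}
/* strncpy(3) behind the same signature so the probe can drive all three. */
size_t strncpy_wrap(char *dst, const char *src, size_t size)
{
    strncpy(dst, src, size);
    return strlen(src);
}
struct probe {
    size_t untouched;   /* trailing bytes still holding the 0xAA fill */
    int terminated;     /* a NUL exists within the first size bytes */
};

/* Pre-fill a buffer with 0xAA, run one copy routine on a constructed input,
 * report how many tail bytes it never wrote and whether a C string resulted. */
struct probe probe_copy(copyfn fn, const char *src, size_t size)
{
    unsigned char buf[64];
    struct probe p = { 0, 0 };
    memset(buf, 0xAA, sizeof(buf));
    fn((char *)buf, src, size);
    while (p.untouched < size && buf[size - 1 - p.untouched] == 0xAA)
        p.untouched++;
    p.terminated = memchr(buf, '\0', size) != NULL;
    return p;
}
```

With a 16-byte destination, "hello" leaves 10 stale bytes behind strlcpy but none behind strncpy or the padding variant, while an over-long source leaves strncpy's result unterminated and the other two terminated.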