From owner-freebsd-audit Tue Jan 16 15:05:27 2001
Message-Id: <200101162305.f0GN51s32264@harmony.village.org>
To: Chris Faulhaber
Subject: Re: strlcat fixes
Cc: freebsd-audit@FreeBSD.ORG
In-reply-to: Your message of "Tue, 16 Jan 2001 17:48:46 EST." <20010116174845.A95772@peitho.fxp.org>
References: <20010116174845.A95772@peitho.fxp.org>
Date: Tue, 16 Jan 2001 16:05:01 -0700
From: Warner Losh

In message <20010116174845.A95772@peitho.fxp.org> Chris Faulhaber writes:
: The first ensures that memory is not read if strlcat is
: called with a 0 size, ensuring potentially unallocated
: memory is not read:
:
: - while (*d != '\0' && n-- != 0)
: + while (n-- != 0 && *d != '\0')

This doesn't matter. The only time this would matter would be if dst
was NULL, which is undefined anyway. There's no reason to change this
and it makes us gratuitously different than OpenBSD.

: The second corrects the wording regarding the return value:
:
: - * Returns strlen(src); if retval >= siz, truncation occurred.
: + * Returns the smaller of strlen(dst) + strlen(src) and siz + strlen(src);
: + * if retval >= siz, truncation occurred.

This is OK. However, I'll talk to Todd Miller of OpenBSD tonight to
coordinate with them this change. I'm having a beer with him and he's
keeper of libc in OpenBSD. You might want to mail him before making
the change in our tree.

Warner
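
Review bot: in the first hunk's `+ while (n-- != 0 && *d != '\0')` line, the decrement now runs before the NUL test, so n is one lower than before whenever the loop stops on the terminating NUL, and it is decremented past 0 whenever n is 0 on entry (the old order skipped the decrement once `*d != '\0'` was false). The hunk does not show what follows the loop, so please confirm that n is recomputed from siz and the scanned length there rather than used as left by the loop. A short comment above the loop saying the size test comes first so that dst is not dereferenced when the size is 0 would also record why the operand order matters.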
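
Review bot: in the second hunk's new comment, "the smaller of strlen(dst) + strlen(src) and siz + strlen(src)" is hard to parse, and strlen(dst) does not say whether it means dst before or after the call. Since both alternatives add strlen(src), consider stating it as strlen(src) plus the smaller of siz and the initial strlen(dst), which keeps the same meaning and makes the following "if retval >= siz, truncation occurred" line easier to check against.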