While the server does append a NUL at the end of the string, any network facing code should not assume that a string is NUL terminated. An evil server can choose to do otherwise.
On Wednesday, July 25, 2012 11:48:09 AM, Garrett Wollman wrote:
> <<On Tue, 24 Jul 2012 22:06:35 -0400, I wrote:
>
>> Some interfaces in the client-side protection library, like
>> pr_CreateUser, pr_CreateGroup, and pr_SNameToId, unconditionally
>> downcase their arguments, which prevents them from being constified.
>> Other interfaces, like pr_AddToGroup and pr_RemoveUserFromGroup, do
>> not do so. Can anyone explain the reason for this inconsistency? It
>> would make more sense to me if these interfaces either all did
>> case-folding, or all did not.
>
> Another strange inconsistency: these routines are very unclear about
> whether they are dealing with strings or not. In places they are
> careful to use interfaces like strncpy() that work on buffers, but
> in other places they call string-only interfaces like stolower() that
> will cheerfully walk off the end of the buffer. Is PR_MAXNAMELEN
> supposed to account for a trailing null or not? (The RPC side of
> things appears to believe the latter, although I haven't looked
> closely enough to be certain.)
>
> -GAWollman
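The point raised in this thread, as an added example that is not part of the original messages or of the OpenAFS source: a fixed-size name field received from a peer is treated as a buffer, checked for a NUL inside its bounds, and only then case-folded into a separate destination, so the source can stay `const`. `NAME_FIELD_LEN` and `name_field_to_lower` are hypothetical names; the field size of 64 is an assumption standing in for a limit such as PR_MAXNAMELEN.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define NAME_FIELD_LEN 64   /* assumed size of the wire name field */

/*
 * Lowercase a fixed-size name field into dst without reading past
 * src[NAME_FIELD_LEN - 1]. The source is never modified.
 * Returns the name length, or -1 if the field contains no NUL within
 * its bounds or dst cannot hold the name plus its terminator.
 */
int name_field_to_lower(const char *src, char *dst, size_t dstlen)
{
    const char *nul = memchr(src, '\0', NAME_FIELD_LEN);
    size_t len, i;

    if (nul == NULL)
        return -1;                      /* unterminated field from peer */
    len = (size_t)(nul - src);
    if (len >= dstlen)
        return -1;                      /* no room for name + NUL */
    for (i = 0; i < len; i++)
        dst[i] = (char)tolower((unsigned char)src[i]);
    dst[len] = '\0';
    return (int)len;
}

int main(void)
{
    char field[NAME_FIELD_LEN];         /* constructed sample input */
    char out[NAME_FIELD_LEN];

    memset(field, 0, sizeof field);
    memcpy(field, "System:Administrators", 21);
    printf("%d %s\n", name_field_to_lower(field, out, sizeof out), out);

    memset(field, 'A', sizeof field);   /* field with no NUL at all */
    printf("%d\n", name_field_to_lower(field, out, sizeof out));
    return 0;
}
```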
