> Rod.. Whitworth wrote: > >>>> /* Made up example of course */ > >>>>- if (!strcmp(buf,"n/a")) > >>>>+ if (!strncmp(buf,"n/a",3)) > > you would have seen several instances of str*** func calls being > > replaced by strn*** func when the str ones were unsafe. Seeing that it > > The one has little to do with the other. What if buf, in the made-up > example, contains "n/abc"? strcmp() says it's not the same, while the > strncmp() line above does. Either function requires a valid, > NUL-terminated C string, and both need to be smart enough to not read > past that NUL (and they are.) > > I highly doubt that a str?cmp() "fix" ever went in like that, unless the > different behavior was desired. It would be nice if Patrick could > mention what he specifically means, because such a patch would most > likely be wrong if it went in as an errenous "safe string function" > replacement attempt.
I grepped the ports tree patches. There are at least 10 of these bad patches. Someone should go delete them.