Re: libc: string: bcopy: get rid of unneeded goto

2017-08-24 Thread Ali H. Fardan

just noticed, memmove.c does that too:
https://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/src/lib/libc/string/memmove.c?rev=1.2&content-type=text/plain



libc: string: bcopy: get rid of unneeded goto

2017-08-24 Thread Ali H. Fardan

Index: bcopy.c
===
RCS file: /cvs/src/lib/libc/string/bcopy.c,v
retrieving revision 1.7
diff -u -p -r1.7 bcopy.c
--- bcopy.c 31 Aug 2015 02:53:57 -  1.7
+++ bcopy.c 24 Aug 2017 19:16:30 -
@@ -53,7 +53,7 @@ bcopy(const void *src0, void *dst0, size
size_t t;

if (length == 0 || dst == src)  /* nothing to do */
-   goto done;
+   return;

/*
 * Macros: loop-t-times; and loop-t-times, t>0
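
Review bot: The early exit in this first hunk (`goto done;` replaced by `return;` under the `length == 0 || dst == src` test) covers bcopy.c only, while the follow-up message on this page points out that memmove.c has the same pattern. Send the files that share this code in one diff so they stay in step.
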
@@ -107,7 +107,5 @@ bcopy(const void *src0, void *dst0, size
t = length & wmask;
TLOOP(*--dst = *--src);
}
-done:
-   return;
 }
 DEF_WEAK(bcopy);
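
Review bot: Removing the `done:` label in this second hunk is only safe if the `goto done;` replaced in the first hunk was its sole user. The body between the two hunks is not shown, so confirm that no other `goto done` remains there, otherwise the file no longer compiles. The bare `return;` shows that the function returns nothing, so falling off the closing brace after the final `TLOOP` is fine.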



Re: mount(8): strlen + malloc + snprintf == asprintf

2016-09-05 Thread Ali H. Fardan

On 2016-09-05 11:03, Tom Cosgrove wrote:

Ali H. Fardan  5-Sep-16 08:47 >>>


On 2016-09-05 10:44, David Gwynne wrote:
>> On 5 Sep 2016, at 17:39, Ali H. Fardan  wrote:
>>
>> and why is he telling me this? I just said if the destination is a
>> pointer to char, how would a function automagically allocate a size
>> for it?
>
> it's not a pointer to a char, it's a pointer to a char pointer:
>
> as per the man page:
>
>  int
>  asprintf(char **ret, const char *format, ...);
>
> dlg

Still doesn't mean that it can automagically allocate a correct
buffer size.


It does allocate the correct buffer size.  It's got all the information it
needs to do that with the format string and the parameters.  Then it returns
the buffer address via the `ret' argument.

If you don't believe us, read the source code and tell us where we are wrong.


Tom


then that patch does weaken security, the buffer can overflow.
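
The sizing step described in the reply quoted above (the format string and its arguments determine the length), as an added example that is not part of the thread and is not OpenBSD's libc code. `sized_asprintf`, `join_manual` and `join_sized` are hypothetical names, the two-pass `vsnprintf` measurement is one way to implement the idea, and the option strings are constructed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for asprintf(): measure, allocate, then format. */
int sized_asprintf(char **ret, const char *fmt, ...)
{
    va_list ap;
    int len;
    *ret = NULL;
    va_start(ap, fmt);
    len = vsnprintf(NULL, 0, fmt, ap);  /* bytes the output needs, without NUL */
    va_end(ap);
    if (len < 0 || (*ret = malloc((size_t)len + 1)) == NULL)
        return -1;
    va_start(ap, fmt);
    (void)vsnprintf(*ret, (size_t)len + 1, fmt, ap);  /* bounded by len + 1 */
    va_end(ap);
    return len;
}

/* Pre-patch shape: the caller works the size out by hand. */
char *join_manual(const char *s0, const char *s1)
{
    size_t i = strlen(s0) + strlen(s1) + 1 + 1;  /* ',' and NUL */
    char *cp = malloc(i);
    if (cp != NULL)
        (void)snprintf(cp, i, "%s,%s", s0, s1);
    return cp;
}

/* Post-patch shape: the formatter works the size out itself. */
char *join_sized(const char *s0, const char *s1)
{
    char *cp;
    return sized_asprintf(&cp, "%s,%s", s0, s1) == -1 ? NULL : cp;
}

int main(void)
{
    char *a = join_manual("rw,nodev", "nosuid");  /* constructed options */
    char *b = join_sized("rw,nodev", "nosuid");
    if (a == NULL || b == NULL)
        return 1;
    printf("%s\n%s\n", a, b);
    free(a); free(b);
    return 0;
}
```

Both functions return the same string for the same inputs; the difference is whether the size arithmetic lives in the caller or in the formatter.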



Re: mount(8): strlen + malloc + snprintf == asprintf

2016-09-05 Thread Ali H. Fardan

On 2016-09-05 11:04, Otto Moerbeek wrote:

On Mon, Sep 05, 2016 at 10:47:06AM +0300, Ali H. Fardan wrote:


On 2016-09-05 10:44, David Gwynne wrote:
> > On 5 Sep 2016, at 17:39, Ali H. Fardan  wrote:
> >
> > and why is he telling me this? I just said if the destination is a
> > pointer to char, how would a function automagically allocate a size
> > for it?
>
> it's not a pointer to a char, it's a pointer to a char pointer:
>
> as per the man page:
>
>  int
>  asprintf(char **ret, const char *format, ...);
>
> dlg
>

Still doesn't mean that it can automagically allocate a correct
buffer size.


Yes it does.

Arguing about this doesn't help anybody. Go study some C.

-Otto


You got no explanation for your argument.



Re: mount(8): strlen + malloc + snprintf == asprintf

2016-09-05 Thread Ali H. Fardan

On 2016-09-05 10:44, David Gwynne wrote:

On 5 Sep 2016, at 17:39, Ali H. Fardan  wrote:

and why is he telling me this? I just said if the destination is a
pointer to char, how would a function automagically allocate a size
for it?


it's not a pointer to a char, it's a pointer to a char pointer:

as per the man page:

 int
 asprintf(char **ret, const char *format, ...);

dlg



Still doesn't mean that it can automagically allocate a correct
buffer size.



Fwd: Re: mount(8): strlen + malloc + snprintf == asprintf

2016-09-05 Thread Ali H. Fardan

and why is he telling me this? I just said if the destination is a
pointer to char, how would a function automagically allocate a size
for it?

-------- Original Message --------
Subject: Re: mount(8): strlen + malloc + snprintf == asprintf
Date: 2016-09-05 10:36
From: "Michael W. Bombardieri" 
To: "Ali H. Fardan" , Otto Moerbeek 
Cc: David Gwynne , tech , 
owner-t...@openbsd.org


FWIW the reply seemed like a proper statement to me.

The manual page for asprintf() doesn't explain its internals. Do you 
expect someone to give you a summary of asprintf() internals? I don't 
see why they should.


On 2016-09-05 3:15 PM, Ali H. Fardan wrote:

On 2016-09-05 08:52, Otto Moerbeek wrote:

On Mon, Sep 05, 2016 at 08:05:40AM +0300, Ali H. Fardan wrote:


On 2016-09-05 08:01, David Gwynne wrote:
> > On 5 Sep 2016, at 12:13, Ali H. Fardan  wrote:
> >
> > You can't specify a buffer size in asprintf() therefore, it is not
> > secure,
> > you can see that snprintf() does write to the `i` bytes to the buffer
>
> asprintf allocates the memory it needs to write to, unlike snprintf
> which requires a preallocated buffer.

when the destination is a pointer to a char, and the passed argument is a
memory address, how is it supposed to determine the correct buffer size?


Raiz


asprintf uses the internals of the printf family of functions. Look in
src/lib/libc/stdio for all the details.

-Otto


If you can read my statement and reply with a proper statement,
I'd appreciate it.

Raiz





Re: mount(8): strlen + malloc + snprintf == asprintf

2016-09-05 Thread Ali H. Fardan

On 2016-09-05 08:52, Otto Moerbeek wrote:

On Mon, Sep 05, 2016 at 08:05:40AM +0300, Ali H. Fardan wrote:


On 2016-09-05 08:01, David Gwynne wrote:
> > On 5 Sep 2016, at 12:13, Ali H. Fardan  wrote:
> >
> > You can't specify a buffer size in asprintf() therefore, it is not
> > secure,
> > you can see that snprintf() does write to the `i` bytes to the buffer
>
> asprintf allocates the memory it needs to write to, unlike snprintf
> which requires a preallocated buffer.

when the destination is a pointer to a char, and the passed argument is a
memory address, how is it supposed to determine the correct buffer size?


Raiz


asprintf uses the internals of the printf family of functions. Look in
src/lib/libc/stdio for all the details.

-Otto


If you can read my statement and reply with a proper statement,
I'd appreciate it.

Raiz



Re: mount(8): strlen + malloc + snprintf == asprintf

2016-09-04 Thread Ali H. Fardan

On 2016-09-05 08:01, David Gwynne wrote:

On 5 Sep 2016, at 12:13, Ali H. Fardan  wrote:

You can't specify a buffer size in asprintf() therefore, it is not secure,
you can see that snprintf() does write to the `i` bytes to the buffer


asprintf allocates the memory it needs to write to, unlike snprintf
which requires a preallocated buffer.


when the destination is a pointer to a char, and the passed argument is a
memory address, how is it supposed to determine the correct buffer size?

Raiz



Re: mount(8): strlen + malloc + snprintf == asprintf

2016-09-04 Thread Ali H. Fardan
You can't specify a buffer size in asprintf() therefore, it is not secure,
you can see that snprintf() does write to the `i` bytes to the buffer

Raiz

-------- Original Message --------
Subject: mount(8): strlen + malloc + snprintf == asprintf
Date: 2016-09-04 19:47
From: Michal Mazurek 
To: tech@openbsd.org

do what tb@ did for hexdump

Index: sbin/mount/mount.c
===
RCS file: /cvs/src/sbin/mount/mount.c,v
retrieving revision 1.66
diff -u -p -r1.66 mount.c
--- sbin/mount/mount.c  26 Jun 2016 19:53:40 -  1.66
+++ sbin/mount/mount.c  4 Sep 2016 16:38:41 -
@@ -685,19 +685,16 @@ maketypelist(char *fslist)
 char *
 catopt(char *s0, const char *s1)
 {
-   size_t i;
char *cp;

if (s0 && *s0) {
-   i = strlen(s0) + strlen(s1) + 1 + 1;
-   if ((cp = malloc(i)) == NULL)
+   if (asprintf(&cp, "%s,%s", s0, s1) == -1)
err(1, NULL);
-   (void)snprintf(cp, i, "%s,%s", s0, s1);
} else
cp = strdup(s1);

free(s0);
-   return (cp);
+   return cp;
 }

 void
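
Review bot: In the `else` branch the context line `cp = strdup(s1);` is still returned without a NULL check, while the new `asprintf` path calls `err(1, NULL)` on failure, so the two branches of catopt() still disagree on what an allocation failure does; check the `strdup` result the same way. The `return (cp);` to `return cp;` change at the end of the hunk is unrelated to the asprintf conversion and would be better left out of this diff.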



does true.c need command line arguments?

2016-07-04 Thread Ali H. Fardan
I'm just wondering if true.c does really need int argc and char *argv[] rather than void (src/usr.bin/true/true.c), if not:


Index: true.c
===
RCS file: /cvs/src/usr.bin/true/true.c,v
retrieving revision 1.1
diff -r1.1 true.c
6c6
< main(int argc, char *argv[])
---

main(void)
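
Review bot: The `6c6` hunk is in normal diff format with no context lines, unlike the `diff -u -p` output used by the other diffs on this page, and as archived the replacement line `main(void)` carries no `>` marker, so it cannot be applied as posted. Regenerate it with `diff -u -p` so the function name and surrounding lines are visible to reviewers.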