On 16.07.2013 11:26, Andriy Gapon wrote: > Modified: head/lib/libc/stdlib/getenv.c > ============================================================================== > --- head/lib/libc/stdlib/getenv.c Tue Jul 16 06:50:22 2013 > (r253379) > +++ head/lib/libc/stdlib/getenv.c Tue Jul 16 07:26:46 2013 > (r253380) > @@ -505,7 +505,7 @@ __setenv(const char *name, size_t nameLe > envVars[envNdx].valueSize = valueLen; > > /* Save name of name/value pair. */ > - env = stpcpy(envVars[envNdx].name, name); > + env = stpncpy(envVars[envNdx].name, name, nameLen); > if ((envVars[envNdx].name)[nameLen] != '=') > env = stpcpy(env, "="); > } >
I am not sure what you are trying to fix, but you just made next line condition unpredictable random, since (envVars[envNdx].name)[nameLen] is never filled now and there is freshly malloced memory content, which is picked for != '=' comparison. Please back it out or fix. Bug demonstration example added will be nice too, I see no bug in the original code at first glance. -- http://ache.vniz.net/ bitcoin:1G6ugdNY6e5jx1GVnAU2ntj2NEfmjKG85r _______________________________________________ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
