Came across an incorrect comment in httpd(8) explaining memory allocation. Comment claims that 5 times the source memory needs to be allocated if source consists solely of "<" and ">", but those characters expand to four bytes ("&[g/l]t;"). "&" is the reason that 5 times the memory is required ("&");
Index: httpd.c =================================================================== RCS file: /cvs/src/usr.sbin/httpd/httpd.c,v retrieving revision 1.55 diff -u -p -r1.55 httpd.c --- httpd.c 22 May 2016 19:19:21 -0000 1.55 +++ httpd.c 7 Jun 2016 09:18:47 -0000 @@ -744,7 +744,10 @@ escape_html(const char* src) { char *dp, *dst; - /* We need 5 times the memory if every letter is "<" or ">". */ + /* + * We need 5 times the memory if every source character is + * "&" (escaped to "&"). + */ if ((dst = calloc(5, strlen(src) + 1)) == NULL) return NULL;