and why is he telling me this? I just said if the destination is a
pointer to char, how would a function automagically allocate a size
for it?
-------- Original Message --------
Subject: Re: mount(8): strlen + malloc + snprintf == asprintf
Date: 2016-09-05 10:36
From: "Michael W. Bombardieri" <m...@iinet.net.au>
To: "Ali H. Fardan" <r...@firemail.cc>, Otto Moerbeek <o...@drijf.net>
Cc: David Gwynne <da...@gwynne.id.au>, tech <tech@openbsd.org>,
owner-t...@openbsd.org
FWIW the reply seemed like a proper statement to me.
The manual page for asprintf() doesn't explain its internals. Do you
expect someone to give you a summary of asprintf() internals? I don't
see why they should.
On 2016-09-05 3:15 PM, Ali H. Fardan wrote:
On 2016-09-05 08:52, Otto Moerbeek wrote:
On Mon, Sep 05, 2016 at 08:05:40AM +0300, Ali H. Fardan wrote:
On 2016-09-05 08:01, David Gwynne wrote:
> > On 5 Sep 2016, at 12:13, Ali H. Fardan <r...@firemail.cc> wrote:
> >
> > You can't specify a buffer size in asprintf() therefore, it is not
> > secure,
> > you can see that snprintf() does write to the `i` bytes to the buffer
>
> asprintf allocates the memory it needs to write to, unlike snprintf
> which requires a preallocated buffer.
when the destination is a pointer to a char, and the passed argument
is a
memory address, how is it supposed to determine the correct buffer
size?
Raiz
asprintf uses the internals of the printf family of functions. Look in
src/lib/libc/stdio for all the details.
-Otto
If you can read my statement and reply with a proper statement,
I'd appreciate it.
Raiz
