Date:      Fri, 4 Jan 2013 16:28:22 +0100
From:      Jilles Tjoelker <jilles@stack.nl>
To:        Mateusz Guzik <mjguzik@gmail.com>
Cc:        svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org, David Xu <davidxu@FreeBSD.org>
Subject:   Re: svn commit: r245036 - head/sys/kern
Message-ID:  <20130104152822.GA69526@stack.nl>
In-Reply-To: <20130104113354.GB26239@dft-labs.eu>
References:  <201301041111.r04BBDjZ013380@svn.freebsd.org> <20130104113354.GB26239@dft-labs.eu>

On Fri, Jan 04, 2013 at 12:33:54PM +0100, Mateusz Guzik wrote:
> On Fri, Jan 04, 2013 at 11:11:13AM +0000, David Xu wrote:
> > Author: davidxu
> > Date: Fri Jan  4 11:11:12 2013
> > New Revision: 245036
> > URL: http://svnweb.freebsd.org/changeset/base/245036

> > Log:
> >   Revert revision 244760 because strncpy pads trailing space with zero,
> >   this prevents kernel data from being leaked.

> I think it would be better to teach strlcpy to zero-pad as well.

Because the buffer is usually much bigger than the string and
overwriting the entire buffer is usually not necessary, I think changing
strlcpy to fill the buffer would needlessly give up performance.

Besides, there are many existing implementations of strlcpy that do not
fill the buffer. Therefore, portable code still needs to zero-pad if it
relies on that.

Also, zero-padding will actively break incorrect programs that pass too
high size parameters to strlcpy but strings that fit in the actual
buffer. This might threaten the stability of head.

If you want this, it makes more sense to create a new function.

-- 
Jilles Tjoelker
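
Added example, not part of the e-mail or of the FreeBSD sources: a C sketch of the behaviour the thread discusses, counting the stale bytes left behind a short string in a fixed-size field by a non-padding strlcpy-style copy, by strncpy, and by a separate padding function. The names `copy_nopad`, `copy_pad`, `stale_bytes` and `fill_and_count`, the 16-byte field and the `'S'` fill are assumptions made for the illustration.

```c
#include <stddef.h>
#include <string.h>

#define FIELD_LEN 16

/* Stand-in with strlcpy semantics (written for this example): copies at most
 * size-1 bytes, NUL-terminates, leaves the rest of dst untouched. */
static size_t copy_nopad(char *dst, const char *src, size_t size)
{
	size_t len = strlen(src);
	if (size != 0) {
		size_t n = len < size - 1 ? len : size - 1;
		memcpy(dst, src, n);
		dst[n] = '\0';
	}
	return len;
}

/* Hypothetical separate function: same copy, then zero the remaining bytes. */
static size_t copy_pad(char *dst, const char *src, size_t size)
{
	size_t len = copy_nopad(dst, src, size);
	size_t used = len < size ? len + 1 : size;
	memset(dst + used, 0, size - used);
	return len;
}

/* Nonzero bytes after the first NUL: what a whole-field copy would expose. */
static size_t stale_bytes(const char *buf, size_t size)
{
	size_t i = 0, stale = 0;
	while (i < size && buf[i] != '\0')
		i++;
	for (; i < size; i++)
		stale += (buf[i] != '\0');
	return stale;
}

/* mode 0: copy_nopad, mode 1: strncpy + explicit terminator, mode 2: copy_pad */
static size_t fill_and_count(const char *name, int mode)
{
	char field[FIELD_LEN];
	memset(field, 'S', sizeof(field));	/* constructed stale contents */
	if (mode == 1) {
		strncpy(field, name, sizeof(field) - 1);
		field[sizeof(field) - 1] = '\0';
	} else if (mode == 2)
		copy_pad(field, name, sizeof(field));
	else
		copy_nopad(field, name, sizeof(field));
	return stale_bytes(field, sizeof(field));
}
```

With a 2-byte name in the 16-byte field, the non-padding copy leaves 13 stale bytes after the terminator, while strncpy and the padding variant leave none.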


