This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.
Re: Implement C11 annex K?
- From: Rich Felker <dalias at libc dot org>
- To: Paul Eggert <eggert at cs dot ucla dot edu>
- Cc: dwheeler at dwheeler dot com, libc-alpha <libc-alpha at sourceware dot org>
- Date: Mon, 18 Aug 2014 15:22:39 -0400
- Subject: Re: Implement C11 annex K?
- Authentication-results: sourceware.org; auth=none
- References: <E1XJAbf-0005c9-AE at rmm6prod02 dot runbox dot com> <53F1B352 dot 3010207 at cs dot ucla dot edu>
On Mon, Aug 18, 2014 at 01:03:30AM -0700, Paul Eggert wrote:
> Here are details for the above analysis.
>
> >addrmatch.c:321:
> >... The one-line snprintf version is this horror:
>
> That's because you wrote it in a horrible way. This is better:
>
>     if (snprintf(addrbuf, sizeof addrbuf, "%s", p) >= sizeof addrbuf)
>         return -1;
>
> Though I wouldn't use snprintf here, as the following distinguishes
> the check from the action more clearly:
>
>     if (strlen(p) >= sizeof addrbuf)
>         return -1;
>     strcpy(addrbuf, p);
Or even better:
>     if (strnlen(p, sizeof addrbuf) >= sizeof addrbuf)
>         return -1;
>     strcpy(addrbuf, p);
This avoids the unbounded read time ("DoS") issue.
Rich
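
The strnlen check from the message above, exercised at its boundaries. This is an added example, not part of the original message or of any project's code; the wrapper `copy_checked`, the driver `run_cases`, the 64-byte `ADDRBUF_SIZE` and all inputs are constructed for illustration.

```c
#define _POSIX_C_SOURCE 200809L   /* strnlen() is POSIX.1-2008 */
#include <stdlib.h>
#include <string.h>

#define ADDRBUF_SIZE 64   /* assumed; the message does not give addrbuf's size */

/* Hypothetical wrapper around the strnlen() check quoted above.
 * Returns 0 after copying p into dst, or -1 if p (plus its NUL) does not fit.
 * strnlen() examines at most dstsz bytes of p, so rejecting an oversized
 * input costs O(dstsz) rather than O(strlen(p)). */
static int copy_checked(char *dst, size_t dstsz, const char *p)
{
    if (strnlen(p, dstsz) >= dstsz)
        return -1;
    strcpy(dst, p);            /* length < dstsz was just established */
    return 0;
}

/* Runs constructed boundary inputs; returns the number of unexpected results. */
static int run_cases(void)
{
    char addrbuf[ADDRBUF_SIZE];
    int bad = 0;

    /* Longest string that fits: ADDRBUF_SIZE - 1 characters plus the NUL. */
    char fits[ADDRBUF_SIZE];
    memset(fits, 'a', sizeof fits - 1);
    fits[sizeof fits - 1] = '\0';
    bad += copy_checked(addrbuf, sizeof addrbuf, fits) != 0;
    bad += strcmp(addrbuf, fits) != 0;

    /* One character too long: must be rejected, addrbuf left untouched. */
    char over[ADDRBUF_SIZE + 1];
    memset(over, 'b', sizeof over - 1);
    over[sizeof over - 1] = '\0';
    bad += copy_checked(addrbuf, sizeof addrbuf, over) != -1;
    bad += strcmp(addrbuf, fits) != 0;

    /* 16 MiB string: rejected after scanning only ADDRBUF_SIZE bytes. */
    size_t big = (size_t)16 << 20;
    char *huge = malloc(big + 1);
    if (huge == NULL)
        return bad + 1;
    memset(huge, 'c', big);
    huge[big] = '\0';
    bad += copy_checked(addrbuf, sizeof addrbuf, huge) != -1;
    free(huge);
    return bad;
}

int main(void) { return run_cases(); }
```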