This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH] Allocation buffers for NSS result construction
- From: DJ Delorie <dj at redhat dot com>
- To: Florian Weimer <fweimer at redhat dot com>
- Cc: libc-alpha at sourceware dot org
- Date: Tue, 16 May 2017 13:22:35 -0400
- Subject: Re: [PATCH] Allocation buffers for NSS result construction
- Authentication-results: sourceware.org; auth=none
- Authentication-results: ext-mx02.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com
- Authentication-results: ext-mx02.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=dj at redhat dot com
- Dkim-filter: OpenDKIM Filter v2.11.0 mx1.redhat.com 97C4F80C32
- Dmarc-filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 97C4F80C32
Florian Weimer <fweimer@redhat.com> writes:
> Oh. Well. I don't think I want to paper over *that*. A crash in
> strlen seems to be just fine, rather than ignoring the issue and perhaps
> returning grossly misleading data.
I think you misunderstand - I *intentionally* put bad data in the test
data to make sure the code handles it without crashing, and passes it
along accurately, and that the testsuite can detect and validate it.
A crash in strlen() means I can't use your code, or have to wrap it in
my own checks because I can't trust it.