This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [PATCH] Allocation buffers for NSS result construction

From: DJ Delorie <dj at redhat dot com>
To: Florian Weimer <fweimer at redhat dot com>
Cc: libc-alpha at sourceware dot org
Date: Tue, 16 May 2017 13:22:35 -0400
Subject: Re: [PATCH] Allocation buffers for NSS result construction
Authentication-results: sourceware.org; auth=none
Authentication-results: ext-mx02.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com
Authentication-results: ext-mx02.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=dj at redhat dot com
Dkim-filter: OpenDKIM Filter v2.11.0 mx1.redhat.com 97C4F80C32
Dmarc-filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 97C4F80C32

Florian Weimer <fweimer@redhat.com> writes:
> Oh.  Well.  I don't think I want to paper over *that*.  A crash in 
> strlen seems to be just fine, rather than ignoring the issue and perhaps 
> returning grossly misleading data.

I think you misunderstand - I *intentionally* put bad data in the test
data to make sure the code handles it without crashing, and passes it
along accurately, and that the testsuite can detect and validate it.

A crash in strlen() means I can't use your code, or have to wrap it in
my own checks because I can't trust it.

References:
- Re: [PATCH] Allocation buffers for NSS result construction
  - From: Florian Weimer

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]