This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [PATCH,HURD] hurd: compliance fixes for getlogin_r


Alle sabato 28 aprile 2012, Roland McGrath ha scritto:
> You can just use string_t and no need for the XXX comment.

Fixed. (I initially made my changes as less intrusive as possible.)

> libc code can use C99 freely these days, so use an inline
> initializing declaration rather than pre-declaring a new variable.

Hm ok; is it bad if I leave them as it is, for now?

> I don't think there's any need to iniitalize the result buffer.  We
> trust the RPC stubs to return a properly-terminated string on
> success, and if they didn't then that wouldn't necessarily catch it
> anyway.  If you want that sort of paranoia, use __strnlen (login,
> sizeof login - 1).
> 
> If you've already called strlen/strnlen then don't use strncpy,
> just use memcpy with the known length.

Fixed.

Attached there is the updated patch.

-- 
Pino Toscano
hurd: compliance fixes for getlogin_r

* do not make `login' static, as it would make getlogin_r no more reentrant;
change its type to string_t.
* fail with ERANGE if the `name' buffer has not enough space for the actual
login string
* copy with memcpy only the chars of the string

2012-04-28  Pino Toscano  <toscano.pino@tiscali.it>

	* sysdeps/mach/hurd/getlogin_r.c: Make LOGIN static and as string_t.
	Return -1 and set ERANGE if NAME is not big enough.
--- a/sysdeps/mach/hurd/getlogin_r.c
+++ b/sysdeps/mach/hurd/getlogin_r.c
@@ -30,13 +30,21 @@
      char *name;
      size_t name_len;
 {
-  static char login[1024];	/* XXX */
+  string_t login;
   error_t err;
+  size_t len;
 
   if (err = __USEPORT (PROC, __proc_getlogin (port, login)))
     return errno = err;
 
-  strncpy (name, login, name_len);
+  len = __strnlen (login, sizeof login - 1) + 1;
+  if (len > name_len)
+    {
+      errno = ERANGE;
+      return errno;
+    }
+
+  memcpy (name, login, len);
   return 0;
 }
 libc_hidden_def (getlogin_r)

Attachment: signature.asc
Description: This is a digitally signed message part.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]