Hi Valentin, On Fri, Jan 11, 2002 at 12:22:21AM +0200, Valentin Nechayev wrote: > There was a fresh discussion in some maillists (security-audit, glibc-alpha) of > strlcpy() and strlcat() in context of possible inclusion to glibc. > Among others, the question was spoken that strlcat manpage contains a dark > moment of strlcat() return value. One should agree with affirmation that > strlcat() must not check characters after dst[size-1], the first reason > is that memory block can end here; but, James Antill reported that > Sun programmers lost their mind and checks full length of dst as a source > nul-terminated string. (I didn't check his report.) > In this context, I think the following patch should be applied to provide > explicit clarification of this moment and full accordance with source code.
First, it's better to submit such fixes as FreeBSD Problem Reports, or they'll have a fair chance to get lost in the high volume of freebsd-hackers. Second, the strlcat(3) manpage language has already been improved with respect to this issue. The upcoming 4.5-RELEASE will contain the corrected manpage. Thank you for your effort. [Not removind freebsd-hackers from CC to show to the world such messages won't be just ignored here :-) ] -- Yar To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
