On 25.02.2018 00:45, Christos Zoulas wrote: > On Feb 25, 12:39am, n...@gmx.com (Kamil Rytarowski) wrote: > -- Subject: Re: CVS commit: src/lib/libc/regex > > | > | --MIMEStream=_0+26969_51985210222325_05798576868 > | Content-Type: multipart/signed; micalg=pgp-sha256; > | protocol="application/pgp-signature"; > | boundary="PkRH582jLcQBCd2EFFVVmMFMcjasCXI54" > | > | This is an OpenPGP/MIME signed message (RFC 4880 and 3156) > | --PkRH582jLcQBCd2EFFVVmMFMcjasCXI54 > | Content-Type: multipart/mixed; boundary="9pUp6Nh9t4hLApFrwb0ID8pUSOtt8VKmJ"; > | protected-headers="v1" > | From: Kamil Rytarowski <n...@gmx.com> > | To: source-changes-d@NetBSD.org, Christos Zoulas <chris...@netbsd.org> > | Message-ID: <23a830fa-8063-e100-c63b-eb86ef7a2...@gmx.com> > | Subject: Re: CVS commit: src/lib/libc/regex > | References: <20160114204147.ba169f...@cvs.netbsd.org> > | In-Reply-To: <20160114204147.ba169f...@cvs.netbsd.org> > | > | > | --9pUp6Nh9t4hLApFrwb0ID8pUSOtt8VKmJ > | Content-Type: text/plain; charset=windows-1252 > | Content-Language: en-US > | Content-Transfer-Encoding: quoted-printable > | > | On 14.01.2016 21:41, Christos Zoulas wrote: > | > +The > | > +.Fa rm > | > +array must be at least 10 elements long, and should contain the result > | > +of the matches from a previous > | > +.Fn regexec > | > +call. > | > | Could we have an argument to regasub(3)/regnsub(3) "size_t nmatch" like > | in regexec(3), instead of assuming >=3D 10 elements long? > | > | It might not be too late to alter this function. There is only 1 user in > | GCC and no stable releases with this API. > | > | My rationale is to sanitize these interfaces without caching the number > | of elements for a regexec(3) call in a sanitizer. Additionally we could > | have an internal sanity check to prevent out of bound operations on the > | "regmatch_t *" type. > > Sure, fix it and pullup-8. > > christos >
Looking at the internals of regasub(3) and regnsub(3), 10 is not just a lower limit, but also the upper limit. I will try to explain it better in a documentation and leave the code as it is.
signature.asc
Description: OpenPGP digital signature
