svn commit: r245036 - head/sys/kern
Jilles Tjoelker
jilles at stack.nl
Fri Jan 4 15:28:25 UTC 2013
On Fri, Jan 04, 2013 at 12:33:54PM +0100, Mateusz Guzik wrote:
> On Fri, Jan 04, 2013 at 11:11:13AM +0000, David Xu wrote:
> > Author: davidxu
> > Date: Fri Jan 4 11:11:12 2013
> > New Revision: 245036
> > URL: http://svnweb.freebsd.org/changeset/base/245036
> > Log:
> > Revert revision 244760 because strncpy pads trailing space with zero,
> > this prevents kernel data from being leaked.
> I think it would be better to teach strlcpy to zero-pad as well.
Because the buffer is usually much bigger than the string and
overwriting the entire buffer is usually not necessary, I think changing
strlcpy to fill the buffer would needlessly give up performance.
Besides, there are many existing implementations of strlcpy that do not
fill the buffer. Therefore, portable code still needs to zero-pad if it
relies on that.
Also, zero-padding will actively break incorrect programs that pass too
high size parameters to strlcpy but strings that fit in the actual
buffer. This might threaten the stability of head.
If you want this, it makes more sense to create a new function.
--
Jilles Tjoelker
More information about the svn-src-head
mailing list