Source-Changes-D archive


Re: CVS commit: src/lib/libc



On Sun, Mar 04, 2012 at 10:31:01PM +0000, David Laight wrote:
 > > > That could be used as a compile-time substitute when the buffer
 > > > size is known - ie when 'sizeof buffer != sizeof (char *)'
 > > 
 > > I don't think that makes too much sense. If you want to read a full
 > > line, use getline. If you don't, loop with fgets until the full line is
 > > read.
 > 
 > I was thinking of a header file fix to allow code to compile
 > without changing the source and with minimal 'security' issues.

Every program that matters was patched 20+ years ago. It is a
nonissue.

(BTW, the reason it's hard to check pkgsrc is not that you can't tell
if an executable uses gets; nm will do that. It's that you have to
unpack all the output packages to inspect them. Or unpack all the
sources. It's much easier to just run a build in a modified chroot.)

-- 
David A. Holland
dholland%netbsd.org@localhost
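
Added example, not part of the original message and not NetBSD libc code: the "loop with fgets until the full line is read" approach quoted above, written in ISO C. The name read_full_line, the 16-byte starting size and the sample text in main are assumptions made for the illustration.

```c
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Read one line of any length by looping on fgets(). Returns a malloc'd
 * string without the newline (caller frees); NULL at EOF or on error. */
char *read_full_line(FILE *fp)
{
    size_t cap = 16, len = 0;      /* assumed small start, to show growth */
    char *buf = malloc(cap), *tmp;
    while (buf != NULL) {
        size_t room = cap - len > INT_MAX ? INT_MAX : cap - len;
        if (fgets(buf + len, (int)room, fp) == NULL) {
            if (len > 0 && !ferror(fp))
                return buf;        /* final line had no newline */
            break;
        }
        len += strlen(buf + len);
        if (len > 0 && buf[len - 1] == '\n') {
            buf[len - 1] = '\0';   /* full line read */
            return buf;
        }
        if (len + 1 < cap)
            continue;              /* room left: next fgets reports EOF */
        tmp = cap > (size_t)-1 / 2 ? NULL : realloc(buf, cap * 2); /* full: double */
        if (tmp == NULL)
            break;
        buf = tmp;
        cap *= 2;
    }
    free(buf);
    return NULL;
}

int main(void)
{
    FILE *fp = tmpfile();          /* constructed sample input */
    char *line;
    if (fp == NULL)
        return 1;
    fputs("short\na line longer than sixteen bytes\nno newline", fp);
    rewind(fp);
    while ((line = read_full_line(fp)) != NULL) {
        printf("%zu: %s\n", strlen(line), line);
        free(line);
    }
    fclose(fp);
    return 0;
}
```

Because fgets stops at a NUL-terminated buffer boundary, a line containing an embedded NUL byte is returned truncated at that byte.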

