Subject: Re: CVS commit: src/sys
To: None <sjg@crufty.net>
From: M. Warner Losh <imp@bsdimp.com>
List: tech-kern
Date: 04/25/2004 11:01:55
In message: <20040425044912.94DFEA655@zen.crufty.net>
sjg@crufty.net (Simon J. Gerraty) writes:
: cp += snprintf(...)
Maybe people shouldn't do that at all. No need to have a cp +=
safe_sprintf() because the code is still wrong in the buffer overflow
case: if it returns 0, future uses of cp will be wrong.
Better to say
snprintf()
if (cp + strlen(cp) > ep)
/* handle badness */
So what you propose would fix the 'negativge offset' issue, but not
deeper issues.
Warner