On 20 July 2016 at 22:23, Don Lewis <truck...@freebsd.org> wrote:
> It passes a fixed-length non-NUL terminated buffer (returned by read(2))
> to mbrtowc(). In addition to the lack of termination, the buffer could
> also contain a partial character at its beginning or end if the contents
> are UTF-8.
> The Coverity ID is 978825.
I don't have access to Coverity, but with boru's help, I managed to
check the lines. There is no problem as far as I can tell --- yes, the
buffer is not NUL-terminated , *BUT* `mbrtowc(3)` takes a `len`
argument (which is returned from said `read(2)`), so it never tries to
read out of scope [2,3].
The problem might still be elsewhere, though --- the code is somewhat
hairy, so I'll give it a closer check tomorrow.
 `man 3 mbrtowc`
email@example.com mailing list
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"