Re: libc: string: bcopy: get rid of unneeded goto

[Ali H. Fardan]

just noticed, memmove.c does that too:
https://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/src/lib/libc/string/memmove.c?rev=1.2=text/plain

libc: string: bcopy: get rid of unneeded goto

[Ali H. Fardan]

Index: bcopy.c
===
RCS file: /cvs/src/lib/libc/string/bcopy.c,v
retrieving revision 1.7
diff -u -p -r1.7 bcopy.c
--- bcopy.c 31 Aug 2015 02:53:57 -  1.7
+++ bcopy.c 24 Aug 2017 19:16:30 -
@@ -53,7 +53,7 @@ bcopy(const void *src0, void *dst0, size
size_t t;

if (length == 0 || dst == src)  /* nothing to do */
-   goto done;
+   return;

/*
 * Macros: loop-t-times; and loop-t-times, t>0
@@ -107,7 +107,5 @@ bcopy(const void *src0, void *dst0, size
t = length & wmask;
TLOOP(*--dst = *--src);
}
-done:
-   return;
 }
 DEF_WEAK(bcopy);

Re: mount(8): strlen + malloc + snprintf == asprintf

[Ali H. Fardan]

On 2016-09-05 11:03, Tom Cosgrove wrote:

Ali H. Fardan <r...@firemail.cc> 5-Sep-16 08:47 >>>


On 2016-09-05 10:44, David Gwynne wrote:
>> On 5 Sep 2016, at 17:39, Ali H. Fardan <r...@firemail.cc> wrote:
>>
>> and why is he telling me this? I just said if the destination is a
>> pointer to char, how would a function automagically allocate a size
>> for it?
>
> its not a pointer to a char, its a pointer to a char pointer:
>
> as per the man page:
>
>  int
>  asprintf(char **ret, const char *format, ...);
>
> dlg

Still doesn't mean that it can automagically allocate a correct
buffer size.


It does allocate the correct buffer size.  It's got all the information 
it
needs to do that with the format string and the parameters.  Then it 
returns

the buffer address via the `ret' argument.

If you don't believe us, read the source code and tell us where we are 
wrong.


Tom


then that patch does weaken security, the buffer can overflow.

Re: mount(8): strlen + malloc + snprintf == asprintf

[Ali H. Fardan]

On 2016-09-05 11:04, Otto Moerbeek wrote:

On Mon, Sep 05, 2016 at 10:47:06AM +0300, Ali H. Fardan wrote:


On 2016-09-05 10:44, David Gwynne wrote:
> > On 5 Sep 2016, at 17:39, Ali H. Fardan <r...@firemail.cc> wrote:
> >
> > and why is he telling me this? I just said if the destination is a
> > pointer to char, how would a function automagically allocate a size
> > for it?
>
> its not a pointer to a char, its a pointer to a char pointer:
>
> as per the man page:
>
>  int
>  asprintf(char **ret, const char *format, ...);
>
> dlg
>

Still doesn't mean that it can automagically allocate a correct
buffer size.


Yes it does.

Arguing about this doesn't help anybody. Go study some C.

-Otto


You got no explanation for your argument.

Re: mount(8): strlen + malloc + snprintf == asprintf

[Ali H. Fardan]

On 2016-09-05 10:44, David Gwynne wrote:

On 5 Sep 2016, at 17:39, Ali H. Fardan <r...@firemail.cc> wrote:

and why is he telling me this? I just said if the destination is a
pointer to char, how would a function automagically allocate a size
for it?


its not a pointer to a char, its a pointer to a char pointer:

as per the man page:

 int
 asprintf(char **ret, const char *format, ...);

dlg



Still doesn't mean that it can automagically allocate a correct
buffer size.

Fwd: Re: mount(8): strlen + malloc + snprintf == asprintf

[Ali H. Fardan]

and why is he telling me this? I just said if the destination is a
pointer to char, how would a function automagically allocate a size
for it?

 Original Message 
Subject: Re: mount(8): strlen + malloc + snprintf == asprintf
Date: 2016-09-05 10:36
From: "Michael W. Bombardieri" <m...@iinet.net.au>
To: "Ali H. Fardan" <r...@firemail.cc>, Otto Moerbeek <o...@drijf.net>
Cc: David Gwynne <da...@gwynne.id.au>, tech <tech@openbsd.org>, 
owner-t...@openbsd.org


FWIW the reply seemed like a proper statement to me.

The manual page for asprintf() doesn't explain its internals. Do you 
expect someone to give you a summary of asprintf() internals? I don't 
see why they should.


On 2016-09-05 3:15 PM, Ali H. Fardan wrote:

On 2016-09-05 08:52, Otto Moerbeek wrote:

On Mon, Sep 05, 2016 at 08:05:40AM +0300, Ali H. Fardan wrote:


On 2016-09-05 08:01, David Gwynne wrote:
> > On 5 Sep 2016, at 12:13, Ali H. Fardan <r...@firemail.cc> wrote:
> >
> > You can't specify a buffer size in asprintf() therefore, it is not
> > secure,
> > you can see that snprintf() does write to the `i` bytes to the buffer
>
> asprintf allocates the memory it needs to write to, unlike snprintf
> which requires a preallocated buffer.

when the destination is a pointer to a char, and the passed argument 
is a
memory address, how is it supposed to determine the correct buffer 
size?


Raiz


asprintf uses the internals of the printf family of functions. Look in
src/lib/libc/stdio for all the details.

-Otto


If you can read my statement and reply with a proper statement,
I'd appreciate it.

Raiz

Re: mount(8): strlen + malloc + snprintf == asprintf

[Ali H. Fardan]

On 2016-09-05 08:52, Otto Moerbeek wrote:

On Mon, Sep 05, 2016 at 08:05:40AM +0300, Ali H. Fardan wrote:


On 2016-09-05 08:01, David Gwynne wrote:
> > On 5 Sep 2016, at 12:13, Ali H. Fardan <r...@firemail.cc> wrote:
> >
> > You can't specify a buffer size in asprintf() therefore, it is not
> > secure,
> > you can see that snprintf() does write to the `i` bytes to the buffer
>
> asprintf allocates the memory it needs to write to, unlike snprintf
> which requires a preallocated buffer.

when the destination is a pointer to a char, and the passed argument 
is a
memory address, how is it supposed to determine the correct buffer 
size?


Raiz


asprintf uses the internals of the printf family of functions. Look in
src/lib/libc/stdio for all the details.

-Otto


If you can read my statement and reply with a proper statement,
I'd appreciate it.

Raiz

Re: mount(8): strlen + malloc + snprintf == asprintf

[Ali H. Fardan]

On 2016-09-05 08:01, David Gwynne wrote:

On 5 Sep 2016, at 12:13, Ali H. Fardan <r...@firemail.cc> wrote:

You can't specify a buffer size in asprintf() therefore, it is not 
secure,

you can see that snprintf() does write to the `i` bytes to the buffer


asprintf allocates the memory it needs to write to, unlike snprintf
which requires a preallocated buffer.


when the destination is a pointer to a char, and the passed argument is 
a

memory address, how is it supposed to determine the correct buffer size?

Raiz

Re: mount(8): strlen + malloc + snprintf == asprintf

[Ali H. Fardan]

You can't specify a buffer size in asprintf() therefore, it is not 
secure,

you can see that snprintf() does write to the `i` bytes to the buffer

Raiz

 Original Message 
Subject: mount(8): strlen + malloc + snprintf == asprintf
Date: 2016-09-04 19:47
From: Michal Mazurek 
To: tech@openbsd.org

do what tb@ did for hexdump

Index: sbin/mount/mount.c
===
RCS file: /cvs/src/sbin/mount/mount.c,v
retrieving revision 1.66
diff -u -p -r1.66 mount.c
--- sbin/mount/mount.c  26 Jun 2016 19:53:40 -  1.66
+++ sbin/mount/mount.c  4 Sep 2016 16:38:41 -
@@ -685,19 +685,16 @@ maketypelist(char *fslist)
 char *
 catopt(char *s0, const char *s1)
 {
-   size_t i;
char *cp;

if (s0 && *s0) {
-   i = strlen(s0) + strlen(s1) + 1 + 1;
-   if ((cp = malloc(i)) == NULL)
+   if (asprintf(, "%s,%s", s0, s1) == -1)
err(1, NULL);
-   (void)snprintf(cp, i, "%s,%s", s0, s1);
} else
cp = strdup(s1);

free(s0);
-   return (cp);
+   return cp;
 }

 void

does true.c need command line arguments?

[Ali H. Fardan]

I'm just wondering if true.c does really need int argc and char *argv[] 
rather than void (src/usr.bin/true/true.c), if not:


Index: true.c
===
RCS file: /cvs/src/usr.bin/true/true.c,v
retrieving revision 1.1
diff -r1.1 true.c
6c6
< main(int argc, char *argv[])
---

main(void)