Re: httpd: patch for portability asprintf use

2016-05-08 Thread Joerg Jung
On Fri, May 06, 2016 at 06:48:38PM +0200, Reyk Floeter wrote: > > > On 06.05.2016, at 18:36, Theo de Raadt wrote: > > > >> If OpenBSD's behavior of asprintf is non-standard and everyone else is > >> doing it differently, we would probably have to apply the patch. But

Re: httpd: patch for portability asprintf use

2016-05-06 Thread Todd C. Miller
On Fri, 06 May 2016 18:53:28 +0200, Hiltjo Posthuma wrote: > It is not an issue, but I thought it was not intended because the > asprintf(3) documentation said: > > "The value of ret in this situation is > implementation-dependent (on OpenBSD, ret will be set to the null >

Re: httpd: patch for portability asprintf use

2016-05-06 Thread Ted Unangst
Theo de Raadt wrote: > > If OpenBSD's behavior of asprintf is non-standard and everyone else is > > doing it differently, we would probably have to apply the patch. But this > > would also affect many other places in the tree were we rely on our > > asprintf semantics. > > Actually, we have fixed

Re: httpd: patch for portability asprintf use

2016-05-06 Thread Theo de Raadt
> Theo de Raadt wrote: > > > If OpenBSD's behavior of asprintf is non-standard and everyone else is > > > doing it differently, we would probably have to apply the patch. But this > > > would also affect many other places in the tree were we rely on our > > > asprintf semantics. > > > > Actually,

Re: httpd: patch for portability asprintf use

2016-05-06 Thread Hiltjo Posthuma
On Fri, May 6, 2016 at 6:47 PM, Todd C. Miller wrote: > On Fri, 06 May 2016 17:56:16 +0200, Hiltjo Posthuma wrote: > >> Any OK's for this? >> >> Please also see my mail with subject "httpd: fix/style: unbalanced >> va_start and va_end macros" (don't want to spam the

Re: httpd: patch for portability asprintf use

2016-05-06 Thread Reyk Floeter
> On 06.05.2016, at 18:36, Theo de Raadt wrote: > >> If OpenBSD's behavior of asprintf is non-standard and everyone else is >> doing it differently, we would probably have to apply the patch. But this >> would also affect many other places in the tree were we rely on

Re: httpd: patch for portability asprintf use

2016-05-06 Thread Todd C. Miller
On Fri, 06 May 2016 17:56:16 +0200, Hiltjo Posthuma wrote: > Any OK's for this? > > Please also see my mail with subject "httpd: fix/style: unbalanced > va_start and va_end macros" (don't want to spam the mailinglist :)). I didn't change those before because body and hstsheader are initialized

Re: httpd: patch for portability asprintf use

2016-05-06 Thread Theo de Raadt
> If OpenBSD's behavior of asprintf is non-standard and everyone else is > doing it differently, we would probably have to apply the patch. But this > would also affect many other places in the tree were we rely on our > asprintf semantics. Actually, we have fixed all usage cases in our tree to

Re: httpd: patch for portability asprintf use

2016-05-06 Thread Reyk Floeter
> On 06.05.2016, at 17:56, Hiltjo Posthuma wrote: > > On Wed, Apr 27, 2016 at 2:41 PM, Hiltjo Posthuma > wrote: >> Hi, >> >> The following patch for httpd makes sure the value of the asprintf buffer is >> zeroed

Re: httpd: patch for portability asprintf use

2016-05-06 Thread Hiltjo Posthuma
On Wed, Apr 27, 2016 at 2:41 PM, Hiltjo Posthuma wrote: > Hi, > > The following patch for httpd makes sure the value of the asprintf buffer is > zeroed on error and not relied upon, so at the 'done' label free(body) and > free(hstsheader) is safe. > > from asprintf(3): > >

httpd: patch for portability asprintf use

2016-04-27 Thread Hiltjo Posthuma
Hi, The following patch for httpd makes sure the value of the asprintf buffer is zeroed on error and not relied upon, so at the 'done' label free(body) and free(hstsheader) is safe. from asprintf(3): "The asprintf() and vasprintf() functions return the number of characters that