Re: mount(8): strlen + malloc + snprintf == asprintf

Are you retarded ? Go study the source code.

Re: mount(8): strlen + malloc + snprintf == asprintf

>>> Ali H. Fardan 5-Sep-16 09:09 >>> > > On 2016-09-05 11:03, Tom Cosgrove wrote: > : > > It does allocate the correct buffer size. It's got all the > > information it needs to do that with the format string and the > > parameters. Then it returns the buffer address via the `ret' > > argument. >

Re: mount(8): strlen + malloc + snprintf == asprintf

On 09/05/16 10:06, Ali H. Fardan wrote: > On 2016-09-05 11:04, Otto Moerbeek wrote: >> On Mon, Sep 05, 2016 at 10:47:06AM +0300, Ali H. Fardan wrote: >> >>> On 2016-09-05 10:44, David Gwynne wrote: > On 5 Sep 2016, at 17:39, Ali H. Fardan wrote: > > and why is he telling me this? I jus

Re: mount(8): strlen + malloc + snprintf == asprintf

"Ali H. Fardan" wrote: >>> Still doesn't mean that it can automagically allocate a correct >>> buffer size. >> >> Yes it does. >> >> Arguing about this doesn't help anybody. Go study some C. > >You got no explanation for your argument. No, he doesn't. He owes you nothing. We are not here to

Re: mount(8): strlen + malloc + snprintf == asprintf

On 2016-09-05 11:03, Tom Cosgrove wrote: Ali H. Fardan 5-Sep-16 08:47 >>> On 2016-09-05 10:44, David Gwynne wrote: >> On 5 Sep 2016, at 17:39, Ali H. Fardan wrote: >> >> and why is he telling me this? I just said if the destination is a >> pointer to char, how would a function automagically a

Re: mount(8): strlen + malloc + snprintf == asprintf

>>> Ali H. Fardan 5-Sep-16 08:47 >>> > > On 2016-09-05 10:44, David Gwynne wrote: > >> On 5 Sep 2016, at 17:39, Ali H. Fardan wrote: > >> > >> and why is he telling me this? I just said if the destination is a > >> pointer to char, how would a function automagically allocate a size > >> for it?

Re: mount(8): strlen + malloc + snprintf == asprintf

The 3 lines of code it replaced could, so why would you not believe asprintf() couldn't ? 2016-09-05 9:47 GMT+02:00 Ali H. Fardan : > On 2016-09-05 10:44, David Gwynne wrote: > >> On 5 Sep 2016, at 17:39, Ali H. Fardan wrote: >>> >>> and why is he telling me this? I just said if the destination

Re: mount(8): strlen + malloc + snprintf == asprintf

On 2016-09-05 11:04, Otto Moerbeek wrote: On Mon, Sep 05, 2016 at 10:47:06AM +0300, Ali H. Fardan wrote: On 2016-09-05 10:44, David Gwynne wrote: > > On 5 Sep 2016, at 17:39, Ali H. Fardan wrote: > > > > and why is he telling me this? I just said if the destination is a > > pointer to char, ho

Re: mount(8): strlen + malloc + snprintf == asprintf

On Mon, Sep 05, 2016 at 10:47:06AM +0300, Ali H. Fardan wrote: > On 2016-09-05 10:44, David Gwynne wrote: > > > On 5 Sep 2016, at 17:39, Ali H. Fardan wrote: > > > > > > and why is he telling me this? I just said if the destination is a > > > pointer to char, how would a function automagically a

Re: mount(8): strlen + malloc + snprintf == asprintf

On 2016-09-05 10:44, David Gwynne wrote: On 5 Sep 2016, at 17:39, Ali H. Fardan wrote: and why is he telling me this? I just said if the destination is a pointer to char, how would a function automagically allocate a size for it? its not a pointer to a char, its a pointer to a char pointer:

Re: mount(8): strlen + malloc + snprintf == asprintf

page: int asprintf(char **ret, const char *format, ...); dlg > > Original Message ---- > Subject: Re: mount(8): strlen + malloc + snprintf == asprintf > Date: 2016-09-05 10:36 > From: "Michael W. Bombardieri" > To: "Ali H. Fardan" ,

Fwd: Re: mount(8): strlen + malloc + snprintf == asprintf

and why is he telling me this? I just said if the destination is a pointer to char, how would a function automagically allocate a size for it? Original Message Subject: Re: mount(8): strlen + malloc + snprintf == asprintf Date: 2016-09-05 10:36 From: "Michael W. Bombar

Re: mount(8): strlen + malloc + snprintf == asprintf

Ali H. Fardan wrote: > If you can read my statement and reply with a proper statement, > I'd appreciate it. You are wrong.

Re: mount(8): strlen + malloc + snprintf == asprintf

On 2016-09-05 08:52, Otto Moerbeek wrote: On Mon, Sep 05, 2016 at 08:05:40AM +0300, Ali H. Fardan wrote: On 2016-09-05 08:01, David Gwynne wrote: > > On 5 Sep 2016, at 12:13, Ali H. Fardan wrote: > > > > You can't specify a buffer size in asprintf() therefore, it is not > > secure, > > you can

Re: mount(8): strlen + malloc + snprintf == asprintf

On Mon, Sep 05, 2016 at 08:05:40AM +0300, Ali H. Fardan wrote: > On 2016-09-05 08:01, David Gwynne wrote: > > > On 5 Sep 2016, at 12:13, Ali H. Fardan wrote: > > > > > > You can't specify a buffer size in asprintf() therefore, it is not > > > secure, > > > you can see that snprintf() does write

Re: mount(8): strlen + malloc + snprintf == asprintf

On 2016-09-05 08:01, David Gwynne wrote: On 5 Sep 2016, at 12:13, Ali H. Fardan wrote: You can't specify a buffer size in asprintf() therefore, it is not secure, you can see that snprintf() does write to the `i` bytes to the buffer asprintf allocates the memory it needs to write to, unlike

Re: mount(8): strlen + malloc + snprintf == asprintf

which requires a preallocated buffer. > > Raiz > > Original Message ---- > Subject: mount(8): strlen + malloc + snprintf == asprintf > Date: 2016-09-04 19:47 > From: Michal Mazurek > To: tech@openbsd.org > > do what tb@

Re: mount(8): strlen + malloc + snprintf == asprintf

You can't specify a buffer size in asprintf() therefore, it is not secure, you can see that snprintf() does write to the `i` bytes to the buffer Raiz Original Message Subject: mount(8): strlen + malloc + snprintf == asprintf Date: 2016-09-04 19:47 From: Michal Mazure

mount(8): strlen + malloc + snprintf == asprintf

do what tb@ did for hexdump Index: sbin/mount/mount.c === RCS file: /cvs/src/sbin/mount/mount.c,v retrieving revision 1.66 diff -u -p -r1.66 mount.c --- sbin/mount/mount.c 26 Jun 2016 19:53:40 - 1.66 +++ sbin/mount/mount.c