On Mon, Feb 03, 2020 at 09:28:15PM +0100, Ingo Schwarze wrote: > Hi, > > since our manual page doesn't explain the details of how openlog(3) > uses *ident, it seems reasonable for users to conclude that it is > safest to neither free nor modify it. > > Then again, given that in our implementation, freeing it may even > pose a security hazard, i might seem friendly to give more details. > > POSIX has the same wording as our manual page (and so do 4.4BSD-Lite2, > FreeBSD, NetBSD, and Oracle Solaris 11). As far as i understand, > the wording being in POSIX implies behaviour is unspecified if the > memory becomes invalid or if its content is changed. That's also > how the Linux man-pages project documents it. I don't think > researching history is needed for this; knowing that it's unspecified > feels sufficient. > > Given that our implementation chooses to use-after-free (as it is > permitted to) if the memory becomes invalid, i prefer the Theo's > strong wording "must persist" to the possibly less discouraging > "unspecified" - foremost, we are documenting *our* implementation. > > Regarding changes of the content, i consider it friendly to mention > that it is unspecified - otherwise, people might mistakenly assume > that our behaviour were required by POSIX. > > While here, add the missing pointer to POSIX, correct HISTORY, > drop redundant verbiage from RETURN VALUES, and garbage collect .Tn. > Admittedly, that's more than one change in one patch, but all of > it is fairly standard, so why waste time splitting it. > (Still, feel free to OK only parts, of course.)
For what it's worth: Related: https://www.austingroupbugs.net/view.php?id=1244 A proposal seems to have been accepted (if I'm reading it correctly) in November of last year to change the wording in POSIX from The ident argument is a string that is prepended to every message. to The ident argument is a pointer to a null-terminated identifier that shall be prepended (without the null terminator) to every message. The application shall ensure that the string pointed to by ident remains valid during the syslog() calls that will prepend this identifier; however, it is unspecified whether changes made to the string will change the identifier prepended by later syslog() calls. Regards, -- Andreas (Kusalananda) Kähäri SciLifeLab, NBIS, ICM Uppsala University, Sweden .
