| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 21 Mar 2022 15:16:54 +0700
From: Alviro Iskandar Setiawan <alviro.iskandar@...weeb.org>
To: Willy Tarreau <w@....eu>
Cc: Ammar Faizi <ammarfaizi2@...weeb.org>,
"Paul E. McKenney" <paulmck@...nel.org>,
Nugraha <richiisei@...il.com>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
"GNU/Weeb Mailing List" <gwml@...r.gnuweeb.org>
Subject: Re: [RFC PATCH v1 6/6] tools/include/string: Implement `strdup()` and `strndup()`
On Mon, Mar 21, 2022 at 2:53 PM Willy Tarreau wrote:
> Here it can cost quite a lot for large values of maxlen. Please just use
> a variant of the proposal above like this one:
>
> size_t len;
> char *ret;
>
> len = strlen(str);
> if (len > maxlen)
> len = maxlen;
> ret = malloc(len + 1);
> if (ret)
> memcpy(ret, str, len);
> return ret;
Maybe better to use strnlen(), see the detail at man 3 strnlen.
size_t strnlen(const char *s, size_t maxlen);
The strnlen() function returns the number of bytes in the string
pointed to by s, excluding the terminating null byte ('\0'), but at
most maxlen. In doing this, strnlen() looks only at the first maxlen
characters in the string pointed to by s and never beyond s[maxlen-1].
Should be trivial to add strnlen() with a separate patch before this patch.
So it can be:
size_t len;
char *ret;
len = strnlen(str, maxlen);
ret = malloc(len + 1);
if (__builtin_expect(ret != NULL, 1)) {
memcpy(ret, str, len);
ret[len] = '\0';
}
return ret;
Thoughts?
-- Viro
Powered by blists - more mailing lists