[prev in list] [next in list] [prev in thread] [next in thread] 

List:       gnulib-bug
Subject:    Re: [Bug-gnulib] strnstr
From:       Paul Eggert <eggert () CS ! UCLA ! EDU>
Date:       2004-09-29 22:32:11
Message-ID: 87655wln9w.fsf () penguin ! cs ! ucla ! edu
[Download RAW message or body]

Bruno Haible <bruno@clisp.org> writes:

> Simon Josefsson wrote:
>> Darwin and FreeBSD has this, and GnuTLS is using it.
>
> Hmm. FreeBSD has some str'n' functions that work on truncated strings,
> i.e. it always uses  MIN (strlen(s), N)  as actual length. This seems
> like a broken concept to me, because
>   - it is slower than just using strlen(s) or N as actual length,
>   - it provides the illusion of being safe, but isn't because it will
>     silently truncate strings, thus producing garbage effects at will,
>   - the common GNU concept is to allocate strings that are as long as
>     they need to be.

I agree pretty much on all these points.  The strn* stuff is
antithetical to the usual GNU style.

It may be worth mentioning that this has been a bone of contention
between the GNU/Linux folks and some of the BSD folks for quite some time.
See, for example, the thread starting here:

Linus Torvalds
Re: [open-source] Re: Wish for 2002 ...
2002-01-21
<http://lists.nas.nasa.gov/archives/ext/linux-security-audit/2002/01/msg00073.html>

If you have the patience to wade through that thread, you'll see why I
think Linus is right and Theo de Raadt is wrong about the strn*
functions.  (You'll also see Theo dismissing my arguments with the
comment "WHat an utter waste of timje." [sic] :-)



[prev in list] [next in list] [prev in thread] [next in thread]