Date: Tue, 12 Oct 2021 03:24:07 +0000
From: "(GalaxyMaster)" <galaxy@...nwall.com.au>
To: musl@...ts.openwall.com
Cc: 2010267516@...com, Kaihang Zhang <kaihang.zhang@...rtx.com>
Subject: Re: [PATCH] fix: Assign default value to mntent when linebuf
 is too small

Kaihang,

On Mon, Oct 11, 2021 at 10:36:43PM -0400, Kaihang Zhang wrote:
> Function getmntent_r in source misc/mntent.c will do what glibc users
> expect. The rest of the line will be discarded when it cannot be read
> into linebuf, and the fields of struct mntent will be assigned an empty
> string or zero when they cannot be found in linebuf, instead of setting
> errno to ERANGE and exiting.

Although this patch is on a similar topic as mine (changing the behaviour of
get*ent() functions), I think the change you are describing is considerable.

I would expect a function such as getmntent_r() which takes a user provided
buffer to fail and set ERANGE if the provided buffer is not enough to hold
the line.  This gives the developer an opportunity to recover, e.g. to
re-allocate a bigger buffer and try again.

In your proposal, I see two issues:

1. There is no feedback to the developer, so they have no idea whether the
   information they've got from the function was truncated or not (and what
   good does a truncated mnt line bring?);
2. There is no opportunity for the developer to realise a mistake they made
   by supplying too small a buffer, hence there is no chance of recovering
   from it.

It is just my opinion and I would love to see other comments, since I have
not stumbled upon your use case yet and am not authoritative on this topic.

-- 
(GM)
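
Added example, not part of the original message and not musl or glibc code: a caller-side retry loop for the recovery described above, which grows the buffer and re-reads the line when it did not fit. The helper names next_mntent and demo_opts_len, the 1 MiB cap and the sample fstab-style line are assumptions made for illustration; the byte-count check is a conservative guard for a libc that truncates without setting errno.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <mntent.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: fetch the next entry, growing *buf until the whole
 * line fits. Returns 1 on success, 0 at end of file, -1 on error. */
int next_mntent(FILE *f, struct mntent *m, char **buf, size_t *len)
{
    for (;;) {
        long start = ftell(f);               /* remember where the line begins */
        if (start < 0) return -1;
        errno = 0;
        struct mntent *r = getmntent_r(f, m, *buf, (int)*len);
        int err = errno;
        long used = ftell(f) - start;        /* bytes consumed by this call */
        /* A short buffer shows up either as NULL with ERANGE, or, where the
         * libc truncates silently, as an entry that consumed at least len-1
         * bytes. The second test may retry needlessly but never misses. */
        int too_small = (!r && err == ERANGE) || (r && used >= (long)*len - 1);
        if (!too_small) return r ? 1 : (ferror(f) ? -1 : 0);
        if (*len > (1u << 20)) { errno = ERANGE; return -1; } /* assumed cap */
        char *bigger = realloc(*buf, *len * 2);
        if (!bigger) return -1;
        *buf = bigger;
        *len *= 2;
        if (fseek(f, start, SEEK_SET) != 0) return -1;  /* re-read the line */
    }
}

/* Constructed sample: a comment and one line longer than the 16-byte
 * starting buffer. Returns strlen(mnt_opts), or -1 on failure. */
int demo_opts_len(void)
{
    FILE *f = tmpfile();
    size_t len = 16;
    char *buf = malloc(len);
    struct mntent m;
    int out = -1;
    if (f && buf) {
        fputs("# constructed sample\n"
              "/dev/sda1 /mnt/data ext4 rw,nosuid,nodev,noexec,relatime 0 2\n", f);
        rewind(f);
        if (next_mntent(f, &m, &buf, &len) == 1 && m.mnt_passno == 2)
            out = (int)strlen(m.mnt_opts);   /* fields point into buf */
    }
    free(buf);
    if (f) fclose(f);
    return out;
}
int main(void) { printf("opts length: %d\n", demo_opts_len()); return 0; }
```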
