cvs commit: src/sys/libkern strtok.c src/sys/sys libkern.h
src/sys/conf files
Bruce Evans
bde at zeta.org.au
Fri Oct 7 08:04:11 PDT 2005
On Thu, 6 Oct 2005, Nate Lawson wrote:
> Pawel Jakub Dawidek wrote:
>> pjd 2005-10-06 11:10:10 UTC
>>
>> FreeBSD src repository
>>
>> Modified files:
>> sys/sys libkern.h sys/conf files Added
>> files:
>> sys/libkern strtok.c Log:
>> Add strtok() and strtok_r() function to libkern.
>> MFC after: 2 weeks
>> Revision Changes Path
>> 1.1055 +1 -0 src/sys/conf/files
>> 1.1 +98 -0 src/sys/libkern/strtok.c (new)
>> 1.51 +2 -0 src/sys/sys/libkern.h
>
> Why is the kernel parsing strings? Seems like a good way to introduce
> security flaws.
sscanf() is a similar older mistake in the kernel. sscanf() is only
slightly more useable than gets(), since its behaviour on overflow is
undefined and input that is not parsed in other ways can easily cause
overflow. (Its actual behaviour is to blindly truncate results.) In
the kernel, more than half (by sscanf count) of its abuses are for %d
or %x formats which can easily be handled right using strto[u]l().
Bruce
More information about the cvs-src
mailing list