cvs commit: src/sys/libkern strtok.c src/sys/sys libkern.h src/sys/conf files
Nate Lawson
nate at root.org
Fri Oct 7 11:56:04 PDT 2005
Bruce Evans wrote:
> On Thu, 6 Oct 2005, Nate Lawson wrote:
>
>> Pawel Jakub Dawidek wrote:
>>
>>> pjd 2005-10-06 11:10:10 UTC
>>>
>>> FreeBSD src repository
>>>
>>> Modified files:
>>>   sys/sys      libkern.h
>>>   sys/conf     files
>>> Added files:
>>>   sys/libkern  strtok.c
>>> Log:
>>> Add strtok() and strtok_r() function to libkern.
>>> MFC after: 2 weeks
>>>
>>> Revision  Changes  Path
>>> 1.1055    +1 -0    src/sys/conf/files
>>> 1.1       +98 -0   src/sys/libkern/strtok.c (new)
>>> 1.51      +2 -0    src/sys/sys/libkern.h
>>
>>
>> Why is the kernel parsing strings? Seems like a good way to introduce
>> security flaws.
>
>
> sscanf() is a similar older mistake in the kernel. sscanf() is only
> slightly more usable than gets(), since its behaviour on overflow is
> undefined and input that is not parsed in other ways can easily cause
> overflow. (Its actual behaviour is to blindly truncate results.) In
> the kernel, more than half (by sscanf count) of its abuses are for %d
> or %x formats which can easily be handled right using strto[u]l().
I don't have time at the moment (working on new battery support) but I'd
appreciate it if you removed sscanf.
--
Nate
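As an added illustration of the strto[u]l() replacement for "%d"/"%x" sscanf() formats that the quoted message recommends (this is example code, not part of the thread or of the FreeBSD libkern; the function name is hypothetical), the point being that every failure mode sscanf() leaves undefined or silently truncates is an explicit rejection here:

```c
#include <ctype.h>
#include <errno.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Parse one decimal (base 10) or hex (base 16, "0x" prefix accepted) field
 * into a 32-bit unsigned value. Returns true only when the whole input is a
 * single well-formed number that fits the target type; any other input is
 * rejected rather than truncated. Hypothetical helper, not kernel code. */
static bool
parse_uint32_field(const char *s, int base, uint32_t *out)
{
	char *end;
	unsigned long val;

	if (s == NULL || *s == '\0')
		return (false);
	/* strtoul() would skip leading whitespace and accept a sign, letting
	 * "-1" wrap to a huge value; refuse both up front. */
	if (isspace((unsigned char)*s) || *s == '-' || *s == '+')
		return (false);
	errno = 0;
	val = strtoul(s, &end, base);
	if (end == s)			/* no digits consumed */
		return (false);
	if (*end != '\0')		/* trailing garbage, e.g. "12abc" */
		return (false);
	if (errno == ERANGE)		/* overflowed unsigned long */
		return (false);
	if (val > UINT32_MAX)		/* fit unsigned long, not the target */
		return (false);
	*out = (uint32_t)val;
	return (true);
}

int
main(void)
{
	/* Constructed sample inputs: one valid, three that must be rejected. */
	const char *inputs[] = { "0xffffffff", "4294967296", "12abc", "-1" };
	uint32_t v;

	for (size_t i = 0; i < sizeof(inputs) / sizeof(inputs[0]); i++)
		printf("%-12s -> %s\n", inputs[i],
		    parse_uint32_field(inputs[i], i == 0 ? 16 : 10, &v) ?
		    "ok" : "rejected");
	return (0);
}
```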