summaryrefslogtreecommitdiffstats
path: root/TODO
diff options
context:
space:
mode:
authorIngo Schwarze <schwarze@openbsd.org>2014-04-23 16:08:33 +0000
committerIngo Schwarze <schwarze@openbsd.org>2014-04-23 16:08:33 +0000
commit842d2c18036af60bbed3a3624ecf8fe100d9d443 (patch)
tree2b956214e0aa752af4c2b4e3dc2c4edd7901380a /TODO
parentfc08cbd658772077746061992d1a10222eab1dff (diff)
downloadmandoc-842d2c18036af60bbed3a3624ecf8fe100d9d443.tar.gz
Audit strlcpy(3)/strlcat(3) usage.
* Repair three instances of silent truncation, use asprintf(3). * Change two instances of strlen(3)+malloc(3)+strlcpy(3)+strlcat(3)+... to use asprintf(3) instead to make them less error prone. * Cast the return value of four instances where the destination buffer is known to be large enough to (void). * Completely remove three useless instances of strlcpy(3)/strlcat(3). * Mark two places in -Thtml with XXX that can cause information loss and crashes but are not easy to fix, requiring design changes of some internal interfaces. * The file mandocdb.c remains to be audited.
Diffstat (limited to 'TODO')
-rw-r--r--TODO4
1 files changed, 3 insertions, 1 deletions
diff --git a/TODO b/TODO
index fb283b78..a97d1a18 100644
--- a/TODO
+++ b/TODO
@@ -7,7 +7,9 @@
* crashes
************************************************************************
-None known.
+- The abort() in bufcat(), html.c, can be triggered via buffmt_includes()
+ by running -Thtml -Oincludes on a file containing a long .In argument.
+ Fixing this will probably require reworking the whole bufcat() concept.
************************************************************************
* missing features