Audit strlcpy(3)/strlcat(3) usage.

* Repair three instances of silent truncation, use asprintf(3). * Change two instances of strlen(3)+malloc(3)+strlcpy(3)+strlcat(3)+... to use asprintf(3) instead to make them less error prone. * Cast the return value of four instances where the destination buffer is known to be large enough to (void). * Completely remove three useless instances of strlcpy(3)/strlcat(3). * Mark two places in -Thtml with XXX that can cause information loss and crashes but are not easy to fix, requiring design changes of some internal interfaces. * The file mandocdb.c remains to be audited.
author: Ingo Schwarze <schwarze@openbsd.org> 2014-04-23 16:08:33 +0000
committer: Ingo Schwarze <schwarze@openbsd.org> 2014-04-23 16:08:33 +0000
commit: 842d2c18036af60bbed3a3624ecf8fe100d9d443 (patch)
tree: 2b956214e0aa752af4c2b4e3dc2c4edd7901380a /html.c
parent: fc08cbd658772077746061992d1a10222eab1dff (diff)
download: mandoc-842d2c18036af60bbed3a3624ecf8fe100d9d443.tar.gz
1 files changed, 6 insertions, 0 deletions
diff --git a/html.c b/html.c
index 82ac8c7f..1e7a88db 100644
--- a/html.c
+++ b/html.c
@@ -657,6 +657,12 @@ void
 bufcat(struct html *h, const char *p)
 {
 
+	/*
+	 * XXX This is broken and not easy to fix.
+	 * When using the -Oincludes option, buffmt_includes()
+	 * may pass in strings overrunning BUFSIZ, causing a crash.
+	 */
+
 	h->buflen = strlcat(h->buf, p, BUFSIZ);
 	assert(h->buflen < BUFSIZ);
 }
author	Ingo Schwarze <schwarze@openbsd.org>	2014-04-23 16:08:33 +0000
committer	Ingo Schwarze <schwarze@openbsd.org>	2014-04-23 16:08:33 +0000
commit	842d2c18036af60bbed3a3624ecf8fe100d9d443 (patch)
tree	2b956214e0aa752af4c2b4e3dc2c4edd7901380a /html.c
parent	fc08cbd658772077746061992d1a10222eab1dff (diff)
download	mandoc-842d2c18036af60bbed3a3624ecf8fe100d9d443.tar.gz