Re: Bug#714219: Acknowledgement (libc6: crypt(3) returns NULL with EINVAL instead of falling back to DES, breaking GNU software)
Aurelien Jarno dixit:
>ambiguity that crypt can return NULL for any failure (i.e. not
>successful completion):
Indeed, but, one, it doesn’t list any other error code (nor do
the glibc manpages) and two, there _is_ something called common
law: it’s been like this for decades.
>This is *your* interpretation of POSIX. Quoting it, there is no
Do you, by inaction, want to sign responsible for all security
holes introduced into previously-working code in the archive
that now, without even a recompilation, breaks?
Or will you add some small patch fixing this behaviour and
feed that patch also upstream?
I do not disagree that user programs “probably” “should” check
for NULL, but let’s face reality. And libc *also* has some part
in the job: it should not make userspace’s live too hard.
bye,
//mirabilos
--
Support mksh as /bin/sh and RoQA dash NOW!
‣ src:bash (260 (281) bugs: 0 RC, 182 (196) I&N, 78 (85) M&W, 0 (0) F&P)
‣ src:dash (87 (103) bugs: 3 RC, 41 (46) I&N, 43 (54) M&W, 0 F&P)
‣ src:mksh (2 bugs: 0 RC, 0 I&N, 2 M&W, 0 F&P, 1 gift)
http://qa.debian.org/data/bts/graphs/d/dash.png is pretty red, innit?
Reply to: