Re: strlcpy and strlcat added to glibc 2.38
On Tue, Jul 18, 2023 at 4:16 AM John Paul Adrian Glaubitz
<glaubitz@physik.fu-berlin.de> wrote:
>
> Some of you may remember the discussion we had regarding the »hfs« package
> and the efforts to port it to Linux [1]. One of the issues with the package was
> the use of strlcpy and strlcat which have so been unsupported by glibc.
I think you can thank Ulrich Drepper for that
(https://sourceware.org/legacy-ml/libc-alpha/2000-08/msg00053.html):
> this patch implements the string functions strlcat and
> strlcpy for gnu libc.
This is horribly inefficient BSD crap. Using these function only
leads to other errors. Correct string handling means that you always
know how long your strings are and therefore you can you memcpy
(instead of strcpy).
And the irony... glibc makes regular appearances on BugTraq for its
mishandling of C strings.
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=glibc .
> Luckily, this has changed now and support for both has been added to glibc [2]
> meaning the Linux port of the »hfs« package has become slightly easier ;-).
Glad to hear it.
> FWIW, I will resume working on the »hfs« package later this week as my vacation
> starts tomorrow.
Rub it in :)
> > [1] https://lists.debian.org/debian-powerpc/2023/05/msg00094.html
> > [2] https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=454a20c8756c9c1d55419153255fc7692b3d2199
Jeff
Reply to: