diff options
author | Ingo Schwarze <schwarze@openbsd.org> | 2014-04-23 16:08:33 +0000 |
---|---|---|
committer | Ingo Schwarze <schwarze@openbsd.org> | 2014-04-23 16:08:33 +0000 |
commit | e1bb09be17d41880b391cdcbe9d968f8964928ff (patch) | |
tree | eeb097d0331817dc1ea9f7b52f2930635bda4387 /TODO | |
parent | 1f555653eb03957679b5749f7ac779126c3c2627 (diff) | |
download | mandoc-e1bb09be17d41880b391cdcbe9d968f8964928ff.tar.gz mandoc-e1bb09be17d41880b391cdcbe9d968f8964928ff.tar.zst mandoc-e1bb09be17d41880b391cdcbe9d968f8964928ff.zip |
Audit strlcpy(3)/strlcat(3) usage.
* Repair three instances of silent truncation, use asprintf(3).
* Change two instances of strlen(3)+malloc(3)+strlcpy(3)+strlcat(3)+...
to use asprintf(3) instead to make them less error prone.
* Cast the return value of four instances where the destination
buffer is known to be large enough to (void).
* Completely remove three useless instances of strlcpy(3)/strlcat(3).
* Mark two places in -Thtml with XXX that can cause information loss
and crashes but are not easy to fix, requiring design changes of
some internal interfaces.
* The file mandocdb.c remains to be audited.
Diffstat (limited to 'TODO')
-rw-r--r-- | TODO | 6 |
1 files changed, 4 insertions, 2 deletions
@@ -1,13 +1,15 @@ ************************************************************************ * Official mandoc TODO. -* $Id: TODO,v 1.168 2014/03/30 19:47:48 schwarze Exp $ +* $Id: TODO,v 1.169 2014/04/23 16:08:33 schwarze Exp $ ************************************************************************ ************************************************************************ * crashes ************************************************************************ -None known. +- The abort() in bufcat(), html.c, can be triggered via buffmt_includes() + by running -Thtml -Oincludes on a file containing a long .In argument. + Fixing this will probably require reworking the whole bufcat() concept. ************************************************************************ * missing features |