From e1bb09be17d41880b391cdcbe9d968f8964928ff Mon Sep 17 00:00:00 2001
From: Ingo Schwarze <schwarze@openbsd.org>
Date: Wed, 23 Apr 2014 16:08:33 +0000
Subject: Audit strlcpy(3)/strlcat(3) usage.

* Repair three instances of silent truncation, use asprintf(3).
* Change two instances of strlen(3)+malloc(3)+strlcpy(3)+strlcat(3)+...
to use asprintf(3) instead to make them less error prone.
* Cast the return value of four instances where the destination
buffer is known to be large enough to (void).
* Completely remove three useless instances of strlcpy(3)/strlcat(3).
* Mark two places in -Thtml with XXX that can cause information loss
and crashes but are not easy to fix, requiring design changes of
some internal interfaces.
* The file mandocdb.c remains to be audited.
---
 TODO | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'TODO')

diff --git a/TODO b/TODO
index e619f272..2d4f2622 100644
--- a/TODO
+++ b/TODO
@@ -1,13 +1,15 @@
 ************************************************************************
 * Official mandoc TODO.
-* $Id: TODO,v 1.168 2014/03/30 19:47:48 schwarze Exp $
+* $Id: TODO,v 1.169 2014/04/23 16:08:33 schwarze Exp $
 ************************************************************************
 
 ************************************************************************
 * crashes
 ************************************************************************
 
-None known.
+- The abort() in bufcat(), html.c, can be triggered via buffmt_includes()
+  by running -Thtml -Oincludes on a file containing a long .In argument.
+  Fixing this will probably require reworking the whole bufcat() concept.
 
 ************************************************************************
 * missing features
-- 
cgit v1.2.3-56-ge451