From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 9520 invoked by alias); 12 Oct 2006 23:48:15 -0000 Received: (qmail 9507 invoked by uid 48); 12 Oct 2006 23:48:07 -0000 Date: Thu, 12 Oct 2006 23:48:00 -0000 Message-ID: <20061012234807.9506.qmail@sourceware.org> From: "kris dot van dot hees at oracle dot com" To: glibc-bugs@sources.redhat.com In-Reply-To: <20061012145036.3355.kris.van.hees@oracle.com> References: <20061012145036.3355.kris.van.hees@oracle.com> Reply-To: sourceware-bugzilla@sourceware.org Subject: [Bug libc/3355] strnlen() accesses memory locations beyond (s + maxlen) X-Bugzilla-Reason: CC Mailing-List: contact glibc-bugs-help@sourceware.org; run by ezmlm Precedence: bulk List-Subscribe: List-Post: List-Help: , Sender: glibc-bugs-owner@sourceware.org X-SW-Source: 2006-10/txt/msg00088.txt.bz2 List-Id: ------- Additional Comments From kris dot van dot hees at oracle dot com 2006-10-12 23:48 ------- If this is by design, I'll see check to log a bug against the manpage for strnlen (at least on linux, haven't check manpage for other ports) because the manpage currently explicitly states: The strnlen function returns the number of characters in the string pointed to by s, not including the terminating '\0' character, but at most maxlen. In doing this, strnlen looks only at the first maxlen characters at s and never beyond s+maxlen. That last sentence is clearly not in sync with the implementation. -- http://sourceware.org/bugzilla/show_bug.cgi?id=3355 ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.