On Thu, 23 Jan 2014, Darren Tucker wrote: > On Thu, Jan 23, 2014 at 08:33:03AM +0000, Nicholas Marriott wrote: > > Hi > > > > When NetBSD added strnvis they swapped around the argument order. > > > > On OpenBSD: > > int strnvis(char *, const char *, size_t, int) > > > > On NetBSD: > > int strnvis(char *, size_t, const char *, int); > > > > Don't ask me why. > > Sigh. FreeBSD too. Seriously guys? The OpenBSD usage predates both > by >10 years. I get that the OpenBSD argument order is arguably a bit inconsistent with other string functions (though hardly the worst wart in libc), but the solution to this is either grudingly accept it or to import strnvis _under a different name_, not to import it but silently introduce a gaping, idiotic incompatibility that yields silent string corruption at best, crashes in all likelihood and exploitable stack/heap overflows at worst. > For those keeping score, OpenBSD 2.9 was in 2001, NetBSD 6.0 was 2012 and > FreeBSD 9.2 was 2013. ok djm, for lack of a time machine and cluebat > Index: configure.ac > =================================================================== > RCS file: /var/cvs/openssh/configure.ac,v > retrieving revision 1.558 > diff -u -p -r1.558 configure.ac > --- configure.ac 22 Jan 2014 10:30:13 -0000 1.558 > +++ configure.ac 23 Jan 2014 10:58:47 -0000 > @@ -769,6 +769,8 @@ mips-sony-bsd|mips-sony-newsos4) > AC_DEFINE([SSH_TUN_PREPEND_AF], [1], > [Prepend the address family to IP tunnel traffic]) > TEST_MALLOC_OPTIONS="AJRX" > + AC_DEFINE([BROKEN_STRNVIS], [1], > + [NetBSD strnvis argument order is swapped compared to OpenBSD]) > ;; > *-*-freebsd*) > check_for_libcrypt_later=1 > @@ -777,7 +779,8 @@ mips-sony-bsd|mips-sony-newsos4) > AC_CHECK_HEADER([net/if_tap.h], , > AC_DEFINE([SSH_TUN_NO_L2], [1], [No layer 2 tunnel support])) > AC_DEFINE([BROKEN_GLOB], [1], [FreeBSD glob does not do what we need]) > - AC_DEFINE([BROKEN_STRNVIS], [1], [FreeBSD strnvis does not do what we need]) > + AC_DEFINE([BROKEN_STRNVIS], [1], > + [FreeBSD strnvis argument order is swapped compared to OpenBSD]) > TEST_MALLOC_OPTIONS="AJRX" > ;; > *-*-bsdi*) > > -- > Darren Tucker (dtucker at zip.com.au) > GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 > Good judgement comes with experience. Unfortunately, the experience > usually comes from bad judgement. > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev at mindrot.org > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev >
