lib/50907: src/lib/libresolv/hmac_link.c: clumsy call to memset ?

To: lib-bug-people%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost
Subject: lib/50907: src/lib/libresolv/hmac_link.c: clumsy call to memset ?
From: dcb314%hotmail.com@localhost
Date: Mon, 7 Mar 2016 12:10:00 +0000 (UTC)

>Number:         50907
>Category:       lib
>Synopsis:       src/lib/libresolv/hmac_link.c: clumsy call to memset ?
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    lib-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Mon Mar 07 12:10:00 +0000 2016
>Originator:     David Binderman
>Release:        cvs dated 20160305
>Organization:
>Environment:
>Description:
[src/lib/libresolv/hmac_link.c:285] -> [src/lib/libresolv/hmac_link.c:287]: (performance) Buffer 'buff' is being written before its old content has been used.

Source code is

    memset(buff, 0, buff_len);  /*%< just in case */
    /* write file header */
    snprintf(buff, buff_len, KEY_FILE_FMT_STR, KEY_FILE_FORMAT,
        KEY_HMAC_MD5, "HMAC");

    bp = buff + strlen(buff);

Maybe better code

    /* write file header */
    snprintf(buff, buff_len, KEY_FILE_FMT_STR, KEY_FILE_FORMAT,
        KEY_HMAC_MD5, "HMAC");

    bp = buff + strlen(buff);
    memset(bp, 0, buff_len - (bp - buff));  /*%< just in case */

>How-To-Repeat:

>Fix:

Prev by Date: PR/50904 CVS commit: src/sys/dev/usb
Next by Date: bin/50908: src/sbin/fsck_msdos/dir.c:988: clumsy call to memset ?
Previous by Thread: PR/50904 CVS commit: src/sys/dev/usb
Next by Thread: bin/50908: src/sbin/fsck_msdos/dir.c:988: clumsy call to memset ?
Indexes:

Home | Main Index | Thread Index | Old Index