tech-userlevel archive


Re: Reuse strtonum(3) and reallocarray(3) from OpenBSD




> Sent: Tuesday, November 25, 2014 at 2:02 AM
> From: "Joerg Sonnenberger" <joerg%britannica.bec.de@localhost>
> To: "Kamil Rytarowski" <n54%gmx.com@localhost>
> Cc: tech-userlevel%netbsd.org@localhost
> Subject: Re: Reuse strtonum(3) and reallocarray(3) from OpenBSD
>
> On Tue, Nov 25, 2014 at 02:58:34AM +0100, Kamil Rytarowski wrote:
> > Well... I see your point, on the other hand your variant doesn't solve
> > my initial (and real) issue of code derived from OpenBSD -- unmodified
> > code sharing.
> 
> Why should we have to adopt questionable interfaces? "Because OpenBSD
> does it" alone is not a very good reason.
> 
> Joerg
> 

1. reallocarray(3) (thanks to LibreSSL?) was already proposed in glibc and musl
2. compatibility vs inquestionability is really a matter of use-case (if not a matter of taste)
3. just to make a note, the parameter void** of your proposition may lead to aliasing trouble [1]

In general I don't agree with you that the focus solely on integer overflow leads to a questionable interface. As the problem of what to do later and how to handle corner cases is imho a matter of domain... with the "theft of Egypt's gold" (reallocarray(3) from OpenBSD) we can form the "Golden calf" (wrapper to solve all problems) or adorn the "Temple" (prevent one class of security bugs, be compatible with other systems).

BTW. There is an interesting list of clang built-ins for overflows:
http://clang.llvm.org/docs/LanguageExtensions.html#checked-arithmetic-builtins

Best regards

[1] http://permalink.gmane.org/gmane.comp.lib.glibc.alpha/44812
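
Added example, not part of the original message and not OpenBSD's implementation: a reallocarray(3)-style multiplication check written with one of the checked-arithmetic builtins linked above, plus a typed caller that avoids a `void **` parameter. The names `checked_reallocarray`, `struct intvec` and `intvec_resize` are hypothetical, and the code assumes a compiler that provides `__builtin_mul_overflow` (clang, or GCC 5 and later).

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/*
 * Hypothetical helper following the reallocarray(3) contract: if
 * nmemb * size does not fit in size_t, return NULL with errno set to
 * ENOMEM and leave the old allocation untouched.
 */
void *
checked_reallocarray(void *ptr, size_t nmemb, size_t size)
{
	size_t total;

	/* The builtin returns true when the product wrapped around. */
	if (__builtin_mul_overflow(nmemb, size, &total)) {
		errno = ENOMEM;
		return NULL;
	}
	return realloc(ptr, total);
}

struct intvec { int *data; size_t len; };

/*
 * Typed resize: the result goes through a local int *, so the caller's
 * pointer is never accessed through a void ** alias and is only
 * replaced after the allocation succeeded. Returns 0 or -1.
 */
int
intvec_resize(struct intvec *v, size_t newlen)
{
	int *p;

	if (newlen == 0)
		return -1;	/* realloc(p, 0) is implementation-defined */
	p = checked_reallocarray(v->data, newlen, sizeof(*v->data));
	if (p == NULL)
		return -1;	/* v->data is still valid and unchanged */
	v->data = p;
	v->len = newlen;
	return 0;
}

int
main(void)
{
	struct intvec v = { NULL, 0 };
	int rc = intvec_resize(&v, 16);

	free(v.data);
	return rc == 0 ? 0 : 1;
}
```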

