NetBSD-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

lib/53640: getnstr(3) shall read at most n characters, not n-1

>Number:         53640
>Category:       lib
>Synopsis:       getnstr(3) shall read at most n characters, not n-1
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    lib-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sat Sep 29 10:30:01 +0000 2018
>Originator:     Kamil Rytarowski
>Release:        NetBSD 8.99.24 amd64
NetBSD rugged 8.99.24 NetBSD 8.99.24 (GENERIC) #8: Fri Aug 31 21:55:37 CEST 2018  root@chieftec:/public/netbsd-root/sys/arch/amd64/compile/GENERIC amd64
getnstr(3) is a safe replacement of getstr(3)

It's documented in POSIX to reat at most N bytes; but the NetBSD curses(3) version reads at most N-1 bytes.

While the NetBSD curses(3) behavior might be defendable it diverges from the idiom of gets(3) + fgets(3). fgets(3) is documented to read at most N-1 characters and it does so.

This works naturally in ncurses.
#include <curses.h>

main(int argc, char **argv)
	char A[4];

	addstr("Enter 3 characters: ");
	getnstr(A, 3);

	printw("Hello %s", A);

	return 0;
// gcc test2.c -lncurses -L/usr/pkg/lib -Wl,-R/usr/pkg/lib -I/usr/pkg/include -I/usr/pkg/include/ncurses
// gcc test2.c -lcurses

/// fgets(3) example

#include <curses.h>
#include <stdio.h>

main(int argc, char **argv)
	char A[4];

	printf("Enter 3 characters: ");
	fgets(A, 4, stdin);

	printf("Hello %s A[3]=%#hhx\n", A, (unsigned char)A[3]);

	return 0;


Home | Main Index | Thread Index | Old Index