Mailing List Archive

From:: Todd C. Miller <millert@openbsd.org>
Subject:: Re: whois: use getline(3) instead of fgetln(3)
To:: Omar Polo <op@omarpolo.com>
Cc:: tech@openbsd.org
Date:: Mon, 25 Mar 2024 09:53:41 -0600

Download raw body.

Thread

2024-03-24 20:48 Todd C. Miller:
whois: use getline(3) instead of fgetln(3)
- 2024-03-25 11:15 Omar Polo:
  whois: use getline(3) instead of fgetln(3)
- - 2024-03-25 15:53 Todd C. Miller:
    whois: use getline(3) instead of fgetln(3)

On Mon, 25 Mar 2024 12:15:06 +0100, Omar Polo wrote:

> side question as it's not introduced with this but shouldn't we also do
>
> --- usr.bin/whois/whois.c
> +++ usr.bin/whois/whois.c
> @@ -275,7 +275,6 @@ whois(const char *query, const char *server, const cha
>  
>  		/* Verisign etc. */
>  		if (!(flags & WHOIS_SPAM_ME) &&
> -		    len >= sizeof(CHOPSPAM)-1 &&
>  		    (strncasecmp(buf, CHOPSPAM, sizeof(CHOPSPAM)-1) == 0 ||
>  		     strncasecmp(buf, &CHOPSPAM[4], sizeof(CHOPSPAM)-5) == 0)) 
> {
>  			printf("\n");
>
>
> as len is initialy the length of the line, but then the two go out of
> sync, and strncasecmp() is safe to call since buf is always
> NUL-terminated?

Yes, we should.  OK millert@ for that diff if you'd like to commit it.

 - todd

2024-03-24 20:48 Todd C. Miller:
whois: use getline(3) instead of fgetln(3)
- 2024-03-25 11:15 Omar Polo:
  whois: use getline(3) instead of fgetln(3)
- - 2024-03-25 15:53 Todd C. Miller:
    whois: use getline(3) instead of fgetln(3)