From: Crystal Kolipe <kolipe.c@exoticsilicon.com>
Subject: Re: mail(1) patches (UPDATE)
To: Walter Alejandro Iglesias <wai@roquesor.com>
Cc: tech@openbsd.org
Date: Mon, 05 Aug 2024 13:40:12 -0300

On Mon, Aug 05, 2024 at 06:22:46PM +0200, Walter Alejandro Iglesias wrote:
> +const char*
> +zone(int num)
> +{
> +	char *zn;
> +	size_t r;
> +
> +	zn = malloc(6);
> +	if (zn == NULL)
> +		err(1, NULL);
> +
> +	r = snprintf(zn, 6, "%c%02d%02d", num >= 0 ? '+' : '-',
> +	    abs((int)num / 3600), abs((int)num % 3600) / 60);
> +
> +	if (r < 0 || r >= sizeof(zn))

Why are you taking sizeof(zn)?

Hint: You've defined zn as a pointer.  What does sizeof() actually return?