From: Sebastien Marie
Subject: Re: Maybe strlen is unnecessary in kern_unveil.c
To: Bob Beck
Cc: Christian Schulte, tech@openbsd.org
Date: Wed, 19 Nov 2025 16:31:59 +0100

Bob Beck writes:

> like ah. no?
>
> the point of it being named "size" and not "len" is to make it clear it is the size of the allocation and not the length of a string.
>
> renaming it to len makes it confusing, which is only partly mitigated by a comment. this is not a helpful visit to the bikeshed paint store

My point is that the following code panics, because we are currently passing cn_nameptr, which isn't a NUL-terminated string.

But I could rework the diff to ensure that we always pass a NUL-terminated string (and not the opposite).

diff --git a/sys/kern/kern_unveil.c b/sys/kern/kern_unveil.c index 492269e48a..b59b53edb7 100644 --- a/sys/kern/kern_unveil.c +++ b/sys/kern/kern_unveil.c @@ -74,12 +74,13 @@ struct unvname * unvname_new(const char *name, size_t size, u_char flags) { struct unvname *ret = malloc(sizeof(struct unvname), M_PROC, M_WAITOK); ret->un_name = malloc(size, M_PROC, M_WAITOK); memcpy(ret->un_name, name, size); + KASSERT(ret->un_name[size-1] == '\0'); ret->un_namesize = size; ret->un_flags = flags; return ret; } void

Regards.
--
Sebastien Marie
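Review bot: The added `KASSERT(ret->un_name[size-1] == '\0');` indexes `size-1` without first establishing `size > 0`. Because `size` is a `size_t`, a zero value wraps and the assertion itself reads far outside the buffer that `malloc(size, ...)` just returned. The check also runs only after the allocation and the `memcpy`, so a caller that violates the contract has already had `size` bytes read from `name` by the time it fires. Consider asserting on the input at the top of `unvname_new()`, for example `KASSERT(size > 0 && name[size - 1] == '\0');`, which also gives the KNF spacing around the `-`. Since the thread shows that the meaning of `size` is easy to misread, a one-line comment above the function stating that `size` counts the terminating NUL would document the requirement this assertion enforces.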