In message <20010221162253.B17431@xxxxxxxxxxxxxxxxxxxxxx> you write:
> > Is there a point in allowing a too-big buffer? I know that
> > getpeername() and getsockname() do, but it's an indication of an error
> > on the user code, to me.
>
> Hm. This sounds like an issue of interpretation. I have the following
> opinion: As long as there's enough space for netfilter/iptables to write
> its data in: don't care.
>
> The reason of this check is to know we have enough space.. isn't it?
Not really. You could just copy, and if it fails, return -EFAULT.
I feel the point of that argument is to indicate the size of the
buffer. We have a chance to catch coding errors; I feel the
getsockname/getpeername approach is wrong (truncate results if too
short, don't care if too long). Unless someone can come up with a
compelling reason, why change?
Rusty.
--
Premature optmztion is rt of all evl. --DK
|