Comment 3 for bug 306007

Just did an apt-get source glibc, and in the diff, I found the following code snippet, in glibc-2.7/debian/patches/any/local-bindresvport_blacklist.diff , in sunrpc/bindrsvprt.c , which seems to be meant to parse one line:

++ tmp = strchr (cp, '#'); /* remove comments */
++ if (tmp)
++ *tmp = '\0';
++ while (isspace ((int)*cp)) /* remove spaces and tabs */
++ ++cp;
++ if (*cp == '\0') /* ignore empty lines */
++ continue;
++ if (cp[strlen (cp) - 1] == '\n')
++ cp[strlen (cp) - 1] = '\0';
++
++ port = strtoul (cp, &tmp, 0);
++ if (*tmp != '\0' || (port == ULONG_MAX && errno == ERANGE))
++ continue;

It seems to:
1. Remove comments
2. Remove _leading_ spaces
3. Ignore empty lines
4. Remove final newline
5. Parse the number
6. ... but then _check_ whether the line finishes right after the number, by comparing the tmp pointer "returned" by strtoul with '\0'.

The point 6 has to go. Or if we want to keep some sanity checking, maybe there should be a "while (isspace ((int)*tmp)) ++tmp; /* remove spaces and tabs */" line between the strtoul and the check for *tmp != '\0'