From owner-cvs-all  Sat Mar 30 23:42:28 2002
Delivered-To: cvs-all@freebsd.org
Received: from espresso.q9media.com (espresso.q9media.com [216.254.138.122])
	by hub.freebsd.org (Postfix) with ESMTP
	id 5B7CA37B41F; Sat, 30 Mar 2002 23:41:14 -0800 (PST)
Received: (from mike@localhost)
	by espresso.q9media.com (8.11.6/8.11.6) id g2V7YxN56505;
	Sun, 31 Mar 2002 02:34:59 -0500 (EST)
	(envelope-from mike)
Date: Sun, 31 Mar 2002 02:34:59 -0500
From: Mike Barcroft <mike@FreeBSD.org>
To: Trevor Johnson <trevor@jpj.net>
Cc: Kris Kennaway <kris@FreeBSD.org>, cvs-committers@FreeBSD.org,
	cvs-all@FreeBSD.org, portmgr@FreeBSD.org,
	Garrett Wollman <wollman@FreeBSD.org>,
	Thierry Thomas <thierry@pompo.net>
Subject: Re: malloc.h--cheaper by the dozen?
Message-ID: <20020331023459.G81971@espresso.q9media.com>
References: <20020330232651.I16128-100000@blues.jpj.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20020330232651.I16128-100000@blues.jpj.net>; from trevor@jpj.net on Sun, Mar 31, 2002 at 02:12:29AM -0500
Organization: The FreeBSD Project
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
List-ID: <cvs-all.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20cvs-all>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20cvs-all>
X-Loop: FreeBSD.ORG

Trevor Johnson <trevor@jpj.net> writes:
> When the user attempts to compile a program which uses gets() in
> compliance with modern ANSI and ISO standards, the user receives a gentle
> slap (a warning).  The program compiles successfully, but the user is
> informed that a security hole was probably opened.  When the user attempts
> to compile a program that was written according to an old man page from
> Ultrix [1], SunOS [2], Solaris [3], or AIX [4]--some of which predated the
> ANSI and ISO standards--the user receives a hard slap (an error).  The
> Open Group seems to say that the presence of malloc.h is not required but
> neither prohibited nor deprecated [5].

We don't support pre-ANSI C in 5.0-CURRENT.  We do, on the other hand,
support ANSI/ISO C which has gets(3).  Software developers have had
over a decade to update their software to more modern versions of C; I
have no sympathy for them.

As an aside, I think ports which use gets(3) should be marked as
BROKEN.

Best regards,
Mike Barcroft

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message