From owner-freebsd-current@FreeBSD.ORG Wed Sep 8 15:51:59 2010 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 10CF810656B2 for ; Wed, 8 Sep 2010 15:51:59 +0000 (UTC) (envelope-from mdf356@gmail.com) Received: from mail-yx0-f182.google.com (mail-yx0-f182.google.com [209.85.213.182]) by mx1.freebsd.org (Postfix) with ESMTP id C2B448FC19 for ; Wed, 8 Sep 2010 15:51:58 +0000 (UTC) Received: by yxn35 with SMTP id 35so113713yxn.13 for ; Wed, 08 Sep 2010 08:51:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:sender:received:date :x-google-sender-auth:message-id:subject:from:to:content-type; bh=pujKQgDyIiFe33s0+qadVic1Kyc5QGyOptRH1WPxQCU=; b=As5GO8IWZKvlGjWWxPCEA2WLv8XL/gESmoSk55ss+K+dN6RBYwx9/DKkqIfhGnsjy9 xPHOifTOm3XEXKnkYUUbuFBy3fjPjpwZElg4eoakrrpP5WHA6FccRb3A3LfQa2gl7D0a HQ00S9/9Me/G6ia7EtFI+aJQ3l0agecgy1yWA= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:date:x-google-sender-auth:message-id:subject :from:to:content-type; b=aRu91eVEOCGtCjEWfFm58NWfVaGgNyAGxn7ZClGzFM5xnPDI0GUis7EPd6WeRCdcrl wX4wRNos9BRfzUgqzQDLb8cCbBq9sDCtwfN0pnpP+QxHS2CQAsrlLiunnLQkWPNpnFAn c/mjmCsL1iRXB2AYVoodYhiN1/okPlElFgeYI= MIME-Version: 1.0 Received: by 10.100.93.12 with SMTP id q12mr98143anb.183.1283961117776; Wed, 08 Sep 2010 08:51:57 -0700 (PDT) Sender: mdf356@gmail.com Received: by 10.100.126.20 with HTTP; Wed, 8 Sep 2010 08:51:57 -0700 (PDT) Date: Wed, 8 Sep 2010 08:51:57 -0700 X-Google-Sender-Auth: GxOFdEc4gdMCClBAd5B95Xros-s Message-ID: From: mdf@FreeBSD.org To: freebsd-current@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 Subject: deprecating sprintf(9) X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Sep 2010 15:51:59 -0000 Looking at the uses of kvprintf(9), only [v]sprintf(9) doesn't have a callback function. It seems a little sketchy to me to be doing unsafe sprintf in the kernel anyways. Should we (and by we, I mean me) deprecate sprintf(9) and convert the existing 1200+ uses to strcpy(9) for fixed strings (also potentially bad, but a different beast), or snprintf(9) where the size of the buffer is known? It seems like a large project, but OTOH sprintf(9) is mighty unsafe in the kernel. It's disapproved of for user-space as being unsafe for security reasons as well, but the potential downsides aren't the same, and we'll never clean up ports anyways. :-) Thoughts? matthew