From owner-freebsd-current@FreeBSD.ORG  Wed Sep  8 15:51:59 2010
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 10CF810656B2
	for <freebsd-current@freebsd.org>; Wed,  8 Sep 2010 15:51:59 +0000 (UTC)
	(envelope-from mdf356@gmail.com)
Received: from mail-yx0-f182.google.com (mail-yx0-f182.google.com
	[209.85.213.182])
	by mx1.freebsd.org (Postfix) with ESMTP id C2B448FC19
	for <freebsd-current@freebsd.org>; Wed,  8 Sep 2010 15:51:58 +0000 (UTC)
Received: by yxn35 with SMTP id 35so113713yxn.13
	for <freebsd-current@freebsd.org>; Wed, 08 Sep 2010 08:51:58 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=domainkey-signature:mime-version:received:sender:received:date
	:x-google-sender-auth:message-id:subject:from:to:content-type;
	bh=pujKQgDyIiFe33s0+qadVic1Kyc5QGyOptRH1WPxQCU=;
	b=As5GO8IWZKvlGjWWxPCEA2WLv8XL/gESmoSk55ss+K+dN6RBYwx9/DKkqIfhGnsjy9
	xPHOifTOm3XEXKnkYUUbuFBy3fjPjpwZElg4eoakrrpP5WHA6FccRb3A3LfQa2gl7D0a
	HQ00S9/9Me/G6ia7EtFI+aJQ3l0agecgy1yWA=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
	h=mime-version:sender:date:x-google-sender-auth:message-id:subject
	:from:to:content-type;
	b=aRu91eVEOCGtCjEWfFm58NWfVaGgNyAGxn7ZClGzFM5xnPDI0GUis7EPd6WeRCdcrl
	wX4wRNos9BRfzUgqzQDLb8cCbBq9sDCtwfN0pnpP+QxHS2CQAsrlLiunnLQkWPNpnFAn
	c/mjmCsL1iRXB2AYVoodYhiN1/okPlElFgeYI=
MIME-Version: 1.0
Received: by 10.100.93.12 with SMTP id q12mr98143anb.183.1283961117776; Wed,
	08 Sep 2010 08:51:57 -0700 (PDT)
Sender: mdf356@gmail.com
Received: by 10.100.126.20 with HTTP; Wed, 8 Sep 2010 08:51:57 -0700 (PDT)
Date: Wed, 8 Sep 2010 08:51:57 -0700
X-Google-Sender-Auth: GxOFdEc4gdMCClBAd5B95Xros-s
Message-ID: <AANLkTikO1v7YMFKVZkHZDmurcyfq0QbTkPxG=LNBdKSp@mail.gmail.com>
From: mdf@FreeBSD.org
To: freebsd-current@freebsd.org
Content-Type: text/plain; charset=ISO-8859-1
Subject: deprecating sprintf(9)
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>, 
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Sep 2010 15:51:59 -0000

Looking at the uses of kvprintf(9), only [v]sprintf(9) doesn't have a
callback function.  It seems a little sketchy to me to be doing unsafe
sprintf in the kernel anyways.

Should we (and by we, I mean me) deprecate sprintf(9) and convert the
existing 1200+ uses to strcpy(9) for fixed strings (also potentially
bad, but a different beast), or snprintf(9) where the size of the
buffer is known?

It seems like a large project, but OTOH sprintf(9) is mighty unsafe in
the kernel.  It's disapproved of for user-space as being unsafe for
security reasons as well, but the potential downsides aren't the same,
and we'll never clean up ports anyways. :-)

Thoughts?
matthew