Date: Wed, 8 Sep 2010 18:15:31 +0200 From: Rink Springer <rink@FreeBSD.org> To: mdf@FreeBSD.org Cc: freebsd-current@freebsd.org Subject: Re: deprecating sprintf(9) Message-ID: <20100908161531.GJ37467@rink.nu> In-Reply-To: <AANLkTikO1v7YMFKVZkHZDmurcyfq0QbTkPxG=LNBdKSp@mail.gmail.com> References: <AANLkTikO1v7YMFKVZkHZDmurcyfq0QbTkPxG=LNBdKSp@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi,
On Wed, Sep 08, 2010 at 08:51:57AM -0700, mdf@FreeBSD.org wrote:
> It seems like a large project, but OTOH sprintf(9) is mighty unsafe in
> the kernel. It's disapproved of for user-space as being unsafe for
> security reasons as well, but the potential downsides aren't the same,
> and we'll never clean up ports anyways. :-)
Deprecating it may be usable, yet I don't believe we can easily enforce
such a policy [1]. Have you looked at how many (potentially) unsecure
uses there are in the kernel, to give an idea how useful such an effort
would be?
[1] Unless we'd go through things like Visual Studio's
#define strcpy __strcpy_unsafe_use_string_cb_copy stuff...
Regards,
--
Rink P.W. Springer - http://rink.nu
"The power of accurate observation is commonly
called cynicism by those who have not got it."
- George Bernard Shaw
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20100908161531.GJ37467>