Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 8 Sep 2010 18:15:31 +0200
From:      Rink Springer <rink@FreeBSD.org>
To:        mdf@FreeBSD.org
Cc:        freebsd-current@freebsd.org
Subject:   Re: deprecating sprintf(9)
Message-ID:  <20100908161531.GJ37467@rink.nu>
In-Reply-To: <AANLkTikO1v7YMFKVZkHZDmurcyfq0QbTkPxG=LNBdKSp@mail.gmail.com>
References:  <AANLkTikO1v7YMFKVZkHZDmurcyfq0QbTkPxG=LNBdKSp@mail.gmail.com>

next in thread | previous in thread | raw e-mail | index | archive | help
Hi,

On Wed, Sep 08, 2010 at 08:51:57AM -0700, mdf@FreeBSD.org wrote:
> It seems like a large project, but OTOH sprintf(9) is mighty unsafe in
> the kernel.  It's disapproved of for user-space as being unsafe for
> security reasons as well, but the potential downsides aren't the same,
> and we'll never clean up ports anyways. :-)

Deprecating it may be usable, yet I don't believe we can easily enforce
such a policy [1]. Have you looked at how many (potentially) unsecure
uses there are in the kernel, to give an idea how useful such an effort
would be?

[1] Unless we'd go through things like Visual Studio's
    #define strcpy __strcpy_unsafe_use_string_cb_copy stuff...

Regards,

-- 
Rink P.W. Springer                                - http://rink.nu
"The power of accurate observation is commonly
 called cynicism by those who have not got it."
- George Bernard Shaw



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20100908161531.GJ37467>