Date: Wed, 8 Sep 2010 18:15:31 +0200 From: Rink Springer <rink@FreeBSD.org> To: mdf@FreeBSD.org Cc: freebsd-current@freebsd.org Subject: Re: deprecating sprintf(9) Message-ID: <20100908161531.GJ37467@rink.nu> In-Reply-To: <AANLkTikO1v7YMFKVZkHZDmurcyfq0QbTkPxG=LNBdKSp@mail.gmail.com> References: <AANLkTikO1v7YMFKVZkHZDmurcyfq0QbTkPxG=LNBdKSp@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, On Wed, Sep 08, 2010 at 08:51:57AM -0700, mdf@FreeBSD.org wrote: > It seems like a large project, but OTOH sprintf(9) is mighty unsafe in > the kernel. It's disapproved of for user-space as being unsafe for > security reasons as well, but the potential downsides aren't the same, > and we'll never clean up ports anyways. :-) Deprecating it may be usable, yet I don't believe we can easily enforce such a policy [1]. Have you looked at how many (potentially) unsecure uses there are in the kernel, to give an idea how useful such an effort would be? [1] Unless we'd go through things like Visual Studio's #define strcpy __strcpy_unsafe_use_string_cb_copy stuff... Regards, -- Rink P.W. Springer - http://rink.nu "The power of accurate observation is commonly called cynicism by those who have not got it." - George Bernard Shaw
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20100908161531.GJ37467>