Hi, On Wed, Sep 08, 2010 at 08:51:57AM -0700, mdf_at_FreeBSD.org wrote: > It seems like a large project, but OTOH sprintf(9) is mighty unsafe in > the kernel. It's disapproved of for user-space as being unsafe for > security reasons as well, but the potential downsides aren't the same, > and we'll never clean up ports anyways. :-) Deprecating it may be usable, yet I don't believe we can easily enforce such a policy [1]. Have you looked at how many (potentially) unsecure uses there are in the kernel, to give an idea how useful such an effort would be? [1] Unless we'd go through things like Visual Studio's #define strcpy __strcpy_unsafe_use_string_cb_copy stuff... Regards, -- Rink P.W. Springer - http://rink.nu "The power of accurate observation is commonly called cynicism by those who have not got it." - George Bernard ShawReceived on Wed Sep 08 2010 - 14:32:14 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:07 UTC