On Wed, Sep 8, 2010 at 9:15 AM, Rink Springer <rink_at_freebsd.org> wrote: > Hi, > > On Wed, Sep 08, 2010 at 08:51:57AM -0700, mdf_at_FreeBSD.org wrote: >> It seems like a large project, but OTOH sprintf(9) is mighty unsafe in >> the kernel. It's disapproved of for user-space as being unsafe for >> security reasons as well, but the potential downsides aren't the same, >> and we'll never clean up ports anyways. :-) > > Deprecating it may be usable, yet I don't believe we can easily enforce > such a policy [1]. If the kernel sources don't use it then the prototype can be removed. > Have you looked at how many (potentially) unsecure > uses there are in the kernel, to give an idea how useful such an effort > would be? I presume all the kernel uses are safe at the moment, but it's an error prone construction. As of this morning grep found 1277 occurrences of sprintf(9) in sys/ and 23 occurrences of vsprintf(9) in sys/. Thanks, matthewReceived on Wed Sep 08 2010 - 15:13:49 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:07 UTC