[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [patch #3686] Trivial patch to change sprintf to snprintf in libltdl
|
From: |
Albert Chin |
|
Subject: |
Re: [patch #3686] Trivial patch to change sprintf to snprintf in libltdl |
|
Date: |
Wed, 26 Jan 2005 23:25:08 -0600 |
|
User-agent: |
Mutt/1.5.6i |
On Wed, Jan 26, 2005 at 10:31:17PM -0500, Daniel Reed wrote:
> On 2005-01-27T03:10-0000, anonymous wrote:
> ) -------------------------------------------------------
> ) Date: Wed 01/26/2005 at 22:10 Name: ltdl.c.diff Size: 1.08KB By: None
> ) Changes sprintf to snprintf
> ) <http://savannah.gnu.org/patch/download.php?item_id=3686&item_file_id=4100>
>
> This patch changes three calls to sprintf(buf, format, arg) to snprintf(buf,
> sizeof(buf), format, arg). Unfortunately, in all three cases, buf is a
> dynamically allocated buffer, so sizeof(buf) will always be 4 bytes (as
> opposed to the size of the actual buffer).
>
> Even if the correct size was used as the second argument to snprintf,
> however, it would not be necessary; in at least the first and third cases,
> buf is shown (in the context of the patch) to be dynamically allocated to be
> exactly the correct size for the target string, so there is no possibility
> for overflow.
More importantly, snprintf is not available on Solaris 2.5.1, Tru64
UNIX 4.0D, and, depending on what libc patch you have, HP-UX 10.20.
--
albert chin (address@hidden)
[patch #3686] Trivial patch to change sprintf to snprintf in libltdl, Ralf Wildenhues, 2005/01/27