This is the mail archive of the
gdb-patches@sources.redhat.com
mailing list for the GDB project.
Re: PATCH: Add type_sprint() function to return type in string form
On Tue, Apr 22, 2003 at 03:21:02PM -0400, Andrew Cagney wrote:
>
> >>GDB should use neither sprint* nor asprint*.
> >
> >
> >I disagree. Why on earth wouldn't we use sprintf? Just because it can
> >be used incorrectly is no excuse.
>
> You're kidding right?
>
> The ARI indicates that all sprintf calls should be replaced with either
> snprintf or xasprintf.
>
> Replacing sprintf with functions that are immune to buffer overrun
> problems, eliminates an entire class of bug.
>
> Even something as simple as:
> char buf[100000000];
> sprintf (buf, _("a"));
> is broken.
No, I'm not kidding. I've worked in computer security for about six
years now and I still use sprintf. It's simple, it's effective, and if
you use it reasonably carefully, nothing will go wrong.
Not to mention that there are a number of buggy implementations of
snprintf; they're slowly starting to fade from use, thank the lord, but
you still see 'em now and again.
Of course, in those six years I've had this argument about ten times.
It seems to be about a 50/50 split between developers.
And nothing involving translation is simple.
> >>The xasprint* family all have the signature:
> >>
> >> ...xasprint* (char **buf, ....)
> >>
> >>which doesn't apply here.
> >
> >
> >Perhaps it should apply?
>
> Sure, but the interface would sux.
Then what would you prefer? I have a really negative gut reaction to
putting dup in the name; it's not duplicating anything.
type_as_string?
--
Daniel Jacobowitz
MontaVista Software Debian GNU/Linux Developer