This is the mail archive of the gdb-patches@sourceware.org mailing list for the GDB project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [ob] More warnings; Call for assistance

> Date: Tue, 17 Jan 2006 14:46:24 -0500
> From: Daniel Jacobowitz <drow@false.org>
> 
> I disagree, because (IIRC) Debian users have filed at least two bugs
> where failures in this code have led to user input crashing GDB:
> 
>   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=186037
>   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=231162

These aren't crashes, GDB prints a legible error message and returns
to top level.  However, internal_error is not the best idea for these
situations, so we probably should arrange for GDB to mutter something
about possibly bad format instead, and not to ask whether to dump
core.

> The advantages of static format checking, in the face of that, are
> pretty large.

No matter what you do, as long as users are typing format strings, it
will always be possible for a format to exceed our wildest
imagination.  You cannot beat that, unless you are willing to
artificially restrict users to some safe and/or easily parsable subset
of valid formats, which I think we shouldn't do.

> avoid the use of standard printf

Avoid? how? are you saying that we should write our own version of
printf?
Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]