This is the mail archive of the ecos-devel@sourceware.org mailing list for the eCos project.



Re: Should we add compiler warnings to diag_sprintf & diag_vsprintf ?


Rutger Hofman wrote:
> Chris Holgate wrote:
>> I've just had to add support for diag_vsnprintf to diag.h as part of
>> writing some logging code.  We all know that sprintf, vsprintf and their
>> evil unchecked spawn are the source of lots of buffer overflow bugs -
>> so while I'm prepping a patch for this change is it worth adding
>> compiler warning attributes to diag_sprintf and diag_vsprintf to help
>> 'discourage' their use?
>
> That would collide with -Werror -- an option I happen to like a lot. Besides, my guess is that the vsnprintf functions will be called through some printf-style variadic function, and the compiler can verify arguments there.

Ach, I misunderstood. You want to discourage diag_sprintf and diag_vsprintf in favour of diag_vsnprintf. I fully agree here.


Rutger
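
The two ideas discussed in this thread, as an added example that is not part of the original messages or of eCos: a deprecation attribute on an unbounded formatter, and a bounded printf-style wrapper whose arguments the compiler checks. The names `log_format` and `log_sprintf_unbounded` are hypothetical, and standard C `vsnprintf` stands in for `diag_vsnprintf`.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical unbounded formatter, declared only to show the attribute.
 * Every call site gets -Wdeprecated-declarations; in a -Werror build,
 * -Wno-error=deprecated-declarations keeps it a warning. */
int log_sprintf_unbounded(char *buf, const char *fmt, ...)
    __attribute__((deprecated("use log_format() with an explicit size")));

/* Bounded replacement (hypothetical name). format(printf, 3, 4) makes the
 * compiler check the arguments against fmt at each call site (-Wformat).
 * Returns 0 if the message fit, 1 if it was truncated, -1 on bad
 * arguments or an encoding error. */
int log_format(char *buf, size_t size, const char *fmt, ...)
    __attribute__((format(printf, 3, 4)));

int log_format(char *buf, size_t size, const char *fmt, ...)
{
    va_list ap;
    int n;

    if (buf == NULL || size == 0 || fmt == NULL)
        return -1;

    va_start(ap, fmt);
    /* Assumption: vsnprintf stands in for diag_vsnprintf here. */
    n = vsnprintf(buf, size, fmt, ap);
    va_end(ap);

    if (n < 0) {
        buf[0] = '\0';
        return -1;
    }
    /* n is the length the full message needed; n >= size means it was cut. */
    return ((size_t)n >= size) ? 1 : 0;
}

int main(void)
{
    char small[8];
    int rc = log_format(small, sizeof small, "id=%d", 1234567);

    printf("rc=%d buf=\"%s\"\n", rc, small);
    return 0;
}
```
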

