[OpenAFS-devel] Re: sprintf -> snprintf...

Jeffrey Hutzelman jhutz@cmu.edu
Sat, 28 Jun 2003 13:07:08 -0400 (EDT)


On Fri, 27 Jun 2003, R. Lindsay Todd wrote:

> A number of changes to CVS lately have converted uses of sprintf to
> afs_snprintf in the fileserver and volserver.  It turns out that some of
> the uses of sprintf are problematic: There are cases of %Ld being used
> -- I believe that is a GNU extension.  I found one buffer overrun
> involving deleting volumes...  Who knows what else lurks?  So it seems
> to me that moving to snprintf and similar is necessary to ensure safety.

I don't think %Ld is even a GNU extension; it's probably just a
misunderstanding on the part of whoever wrote that format string.  The L
modifier applies only to floating-point conversions, not integer ones.

> So it seems to me that we should always use our own afs_snprintf.  The
> only question I have: Is the version we have in src/util robust enough
> to replace sprintf throughout the codebase? It seems to be for src/vol,
> src/volser, and src/viced, but I haven't gone through other parts of the
> code.

I believe it should be.  It wasn't written specifically for OpenAFS, but
it was intended to be "fairly complete", specifically so I could drop it
in as a replacement for an existing snprintf that just called the system
sprintf without checking the length.

-- Jeff
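
Added example, not part of the original message and not OpenAFS code: the two issues raised in the thread, shown with the standard C99 `snprintf` rather than `afs_snprintf`. The helper `format_vol_label` and the sample values are hypothetical; it bounds the write, detects truncation from the return value, and uses `PRId64` instead of `%Ld` for a 64-bit integer.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not an OpenAFS function): format "<name>.<id>" into
 * a caller-supplied buffer. Returns 0 on success, -1 if the output did not
 * fit or formatting failed. buf is NUL-terminated whenever size > 0. */
int format_vol_label(char *buf, size_t size, const char *name, int64_t id)
{
    int n;

    if (buf == NULL || size == 0 || name == NULL)
        return -1;

    /* PRId64 expands to the correct length modifier for int64_t on this
     * platform ("ld" or "lld"). The C standard defines the L modifier only
     * for floating-point conversions, so "%Ld" is undefined behaviour. */
    n = snprintf(buf, size, "%s.%" PRId64, name, id);

    if (n < 0) {                /* output error reported by snprintf */
        buf[0] = '\0';
        return -1;
    }
    /* n is the length that WOULD have been written with unlimited space.
     * n >= size means the result was cut to size-1 characters plus NUL;
     * sprintf in the same situation would have written past the buffer. */
    if ((size_t)n >= size)
        return -1;
    return 0;
}

int main(void)
{
    char big[64], small[8];
    /* Constructed sample values. */
    int r1 = format_vol_label(big, sizeof big, "vol.example", INT64_C(536870912));
    int r2 = format_vol_label(small, sizeof small, "vol.example", INT64_C(536870912));

    printf("%d \"%s\"\n", r1, big);    /* fits */
    printf("%d \"%s\"\n", r2, small);  /* truncated, reported as an error */
    return 0;
}
```

Callers should treat the truncation return as a failure rather than continue with the shortened string, since a silently truncated name can end up referring to a different object.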