[OpenAFS-devel] Re: sprintf -> snprintf...
Jeffrey Hutzelman
jhutz@cmu.edu
Sat, 28 Jun 2003 13:07:08 -0400 (EDT)
On Fri, 27 Jun 2003, R. Lindsay Todd wrote:
> A number of changes to CVS lately have converted uses of sprintf to
> afs_snprintf in the fileserver and volserver. It turns out that some of
> the uses of sprintf are problematic: There are cases of %Ld being used
> -- I believe that is a GNU extension. I found one buffer overrun
> involving deleting volumes... Who knows what else lurks? So it seems
> to me that moving to snprintf and similar is necessary to ensure safety.
I don't think %Ld is even a GNU extension; it's probably just a
misunderstanding on the part of whoever wrote that format string. The L
modifier applies only to floating-point conversions, not integer ones.
> So it seems to me that we should always use our own afs_snprintf. The
> only question I have: Is the version we have in src/util robust enough
> to replace sprintf throughout the codebase? It seems to be for src/vol,
> src/volser, and src/viced, but I haven't gone through other parts of the
> code.
I believe it should be. It wasn't written specifically for OpenAFS, but
it was intended to be "fairly complete", specifically so I could drop it
in as a replacement for an existing snprintf that just called the system
sprintf without checking the length.
-- Jeff