SEO
vBulletin Search Engine Optimization
| |||||||
| Register | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
02-18-2008, 07:39 AM
| ||||
| ||||
 Re: sprintf warning in libstdc++ libc is now compiled to warn about such things. Yes, there is a library like that included in OpenBSD, used by a few rare applications here and there.. You may have heard of sprintf being associated with buffer overflows over the last, oh, what, 10 or more years? In this case, it's not really our problem. Go do a ports tree compile. Please alert the GNU people about this problem in their code. From now on, including OpenBSD 3.7, we will warn for such bad functions being called. But it is up to the individual outside-source groups to clean their own code up. So mail them. > After an upgrade, I get warnings for sprintf in libstdc++. Things look > like this: > > $ c++ \ > -g -o test_internal \ > main.o ../../../../lib/libmyc++/libmyc++.a \ > > /usr/lib/libstdc++.so.34.0: warning: sprintf() is often misused, please use snprintf() > > After checking, it looks like something in libstdc++ really uses > sprintf: > > $ nm /usr/lib/libstdc++.so.34.0 |grep sprintf > U sprintf > > This is i386, current as of last week (Mar 9). > > Looks like either > src/gnu/lib/libstdc++/libstdc++/config/locale/generic/c_locale.h > or > src/gnu/lib/libstdc++/libstdc++/config/locale/gnu/c_locale.h > is the culprit. There's snprintf based replacement code there, but this > is conditionalized with #ifdef _GLIBCPP_USE_C99, which seems to be off > for OpenBSD. > > I've seen no change to that code since the last upgrade (just ran cvsync > and cvs -nq up -A to check). > > Kind regards, > > Hannah. > -- > Hannah Schrvter Entwicklung hannah@schlund.de > Bei Schlund + Partner AG Brauerstra_e 48 D-76135 Karlsruhe > This specification allows any of these approaches. Solving the > Halting Problem is considered extra credit. (RFC 3028)      |
Linear Mode
