This is the mail archive of the
gdb@sources.redhat.com
mailing list for the GDB project.
Re: about the usage of sprintf in gdb, specifically in gdb/remote.c
- From: Wu Zhou <woodzltc at cn dot ibm dot com>
- To: Eli Zaretskii <eliz at gnu dot org>
- Cc: gdb at sources dot redhat dot com, gdb-patches at sources dot redhat dot com, mark dot kettenis at xs4all dot nl
- Date: Thu, 26 May 2005 02:37:08 -0700 (PDT)
- Subject: Re: about the usage of sprintf in gdb, specifically in gdb/remote.c
- References: <Pine.LNX.4.63.0505250645170.1089@plinuxt18.cn.ibm.com><u3bsbma8l.fsf@gnu.org>
On Wed, 25 May 2005, Eli Zaretskii wrote:
> That might be so today, but if some day someone changes either the
> size of buf[] or the format string, things could become messy.
>
> I'd say, if we leave sprintf here, let's at least use sizeof(buf) in
> the call to sprintf instead of a literal 8 in the format string.

Yes, you are right. With this point in mind, I prefer to use xsnprintf in
this place too.

> As for the other 2 examples, I'd use safer functions there. It's
> unreasonable to request that Joe Random Hacker who happens to read the
> code should perform the amount of analysis you demonstrated to
> convince him/herself that the code is safe. Most programmers won't go
> to such lengths.

Yes, I bet that too. My intention in doing so is only to see whether
there is really any overflow. It is purely out of curiosity. :-)
BTW, what is your point on my analysis in section 3.1? I believe
it might incur an overflow. But I need to design a scenario to verify
that.
Cheers
- Wu Zhou
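
An added example, not part of the original message and not GDB's code: it shows the two points raised in the thread, bounding a format by the buffer's own size instead of a literal, and using a checked formatter that reports truncation. The names `checked_snprintf`, `build_packet` and `copy_field`, and the packet layout, are hypothetical.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical checked formatter: never writes more than SIZE bytes.
   Returns the length written, or -1 if the output did not fit.  */
static int
checked_snprintf (char *buf, size_t size, const char *fmt, ...)
{
  va_list ap;
  int n;

  va_start (ap, fmt);
  n = vsnprintf (buf, size, fmt, ap);
  va_end (ap);
  if (n < 0 || (size_t) n >= size)
    return -1;			/* Truncated: caller must handle it.  */
  return n;
}

/* Constructed packet layout: one command letter followed by a hex
   address.  The bound comes from the caller's sizeof, so resizing the
   buffer or changing the format cannot silently overflow it.  */
static int
build_packet (char *buf, size_t size, char cmd, unsigned long addr)
{
  return checked_snprintf (buf, size, "%c%lx", cmd, addr);
}

/* Copy a field with the precision derived from the buffer size rather
   than a literal in the format string; size - 1 leaves room for NUL.  */
static int
copy_field (char *buf, size_t size, const char *src)
{
  return checked_snprintf (buf, size, "%.*s", (int) (size - 1), src);
}

int
main (void)
{
  char buf[8];

  printf ("%d\n", build_packet (buf, sizeof buf, 'm', 0x1234UL));
  printf ("%d\n", build_packet (buf, sizeof buf, 'm', 0x12345678UL));
  printf ("%d %s\n", copy_field (buf, sizeof buf, "abcdefghijkl"), buf);
  return 0;
}
```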