This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.
[Bug stdio/17829] Incorrect handling of precision specifier in printf family
- From: "fweimer at redhat dot com" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sourceware dot org
- Date: Fri, 20 Feb 2015 09:20:56 +0000
- Subject: [Bug stdio/17829] Incorrect handling of precision specifier in printf family
- Auto-submitted: auto-generated
- References: <bug-17829-131 at http dot sourceware dot org/bugzilla/>
https://sourceware.org/bugzilla/show_bug.cgi?id=17829
Florian Weimer <fweimer at redhat dot com> changed:
What  |Removed |Added
----------------------------------------------------------------------------
Flags |        |security-
--- Comment #4 from Florian Weimer <fweimer at redhat dot com> ---
(In reply to nfxjfg from comment #3)
> > Certainly, this use is not recommended because printf will allocate tons of memory as part of the format processing.
>
> There's literally no reason why it'd need to allocate memory of the size of
> the maximum _possible_ length of the string. In fact, I'd argue printf
> doesn't need to do unbounded memory allocations at all.
But it's what the code does today. It could be implemented differently, sure,
but until someone writes the code, submits it, and gets it through review, it's
how things are.