This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [PATCH] Set behavior of sprintf-like functions with overlapping source and destination

From: Siddhesh Poyarekar <siddhesh at gotplt dot org>
To: Zack Weinberg <zackw at panix dot com>
Cc: Paul Eggert <eggert at cs dot ucla dot edu>, Jonathan Nieder <jrnieder at gmail dot com>, "Gabriel F. T. Gomes" <gabriel at inconstante dot eti dot br>, GNU C Library <libc-alpha at sourceware dot org>
Date: Thu, 27 Dec 2018 11:15:06 +0530
Subject: Re: [PATCH] Set behavior of sprintf-like functions with overlapping source and destination
References: <20181220215409.8971-1-gabriel@inconstante.eti.br> <fd68b440-14ce-dd14-fd80-20c80e097e20@cs.ucla.edu> <03d805a8-258c-cefa-4c8d-f4f1d577c3d5@gotplt.org> <9e180abb-7527-5759-0850-e23d0bb23f73@cs.ucla.edu> <20181226201950.GD11055@google.com> <b71e3d74-1e94-bdd5-5d01-b2fe2a69c939@cs.ucla.edu> <0ac86b95-7eaa-e490-57e8-5d9f208a10d3@gotplt.org> <CAKCAbMiMdJCrnTkYQfyG8TNNbKvVTE-orpQacLu1tH3z07jc_g@mail.gmail.com>

On 27/12/18 7:45 AM, Zack Weinberg wrote:

Despite having written the patch that broke the old behavior, I think
this is much too aggressive.  The fact that we almost immediately
discovered breakage after the patch landed means there are probably a
whole lot of programs out there relying on it, and I don't think it's
safe to assume people will pay attention to warnings _or_ read
documentation.  Witness how people are _still_ complaining about the
memcpy change.

I'm inclined to say that this degree of freedom is now frozen and we
need to accept that the old behavior has become a supported GNU
extension and we should document it as such, test for it, etc.  Not a
good extension, but one we are stuck with.  Failing that, I think we
need to preserve the old behavior for at least one more full release
and we need to announce as loudly and widely as possible that we are
changing it.  If we do change it, we should also make sure that the
new behavior is well-defined and tested for all cases of overlapping
buffers, and what the new behavior is must be documented, and we need
to stick to it.

Thanks, to clarify, is your position that we revert to old behaviour(for now) for the default case only or for everything, including_FORTIFY_SOURCE?


Siddhesh

Follow-Ups:
- Re: [PATCH] Set behavior of sprintf-like functions with overlapping source and destination
  - From: Gabriel F. T. Gomes

References:
- [PATCH] Set behavior of sprintf-like functions with overlapping source and destination
  - From: Gabriel F. T. Gomes
- Re: [PATCH] Set behavior of sprintf-like functions with overlapping source and destination
  - From: Paul Eggert
- Re: [PATCH] Set behavior of sprintf-like functions with overlapping source and destination
  - From: Siddhesh Poyarekar
- Re: [PATCH] Set behavior of sprintf-like functions with overlapping source and destination
  - From: Paul Eggert
- Re: [PATCH] Set behavior of sprintf-like functions with overlapping source and destination
  - From: Jonathan Nieder
- Re: [PATCH] Set behavior of sprintf-like functions with overlapping source and destination
  - From: Paul Eggert
- Re: [PATCH] Set behavior of sprintf-like functions with overlapping source and destination
  - From: Siddhesh Poyarekar
- Re: [PATCH] Set behavior of sprintf-like functions with overlapping source and destination
  - From: Zack Weinberg

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]