This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [PATCH] Set behavior of sprintf-like functions with overlapping source and destination

From: Paul Eggert <eggert at cs dot ucla dot edu>
To: "Gabriel F. T. Gomes" <gabriel at inconstante dot eti dot br>, libc-alpha at sourceware dot org
Date: Thu, 20 Dec 2018 14:17:38 -0800
Subject: Re: [PATCH] Set behavior of sprintf-like functions with overlapping source and destination
References: <20181220215409.8971-1-gabriel@inconstante.eti.br>

Dumb question: if fortification is enabled, why can't sprintf-likefunctions report an error when the source and destination overlap? Thepoint of fortification is to catch and report undefined behavior whenit's easy, as is the case here.

/* Test the sprintf (buf, "%s", buf) does not override buf.

I'm leery of adding this test case, as it tests undefined behavior thatthe glibc manual does not document as an extension (and it shouldn't bedocumented either).

Traditionally we didn't worry about breaking code like PughUtils.c's'sprintf(mess,"%s %d",mess,...)' under the principle that such code wasalready broken. Why depart from that tradition here?

Follow-Ups:
- Re: [PATCH] Set behavior of sprintf-like functions with overlapping source and destination
  - From: Gabriel F. T. Gomes
- Re: [PATCH] Set behavior of sprintf-like functions with overlapping source and destination
  - From: Siddhesh Poyarekar

References:
- [PATCH] Set behavior of sprintf-like functions with overlapping source and destination
  - From: Gabriel F. T. Gomes

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]