From mboxrd@z Thu Jan 1 00:00:00 1970 From: Christoph Egger Subject: Re: [PATCH 4 of 6] Add sprintf() to hvmloader Date: Tue, 29 Nov 2011 12:11:40 +0100 Message-ID: <4ED4BDEC.4010403@amd.com> References: <4ED4BBA5.4030403@amd.com> <291EDFCB1E9E224A99088639C4762022B5988E4EB6@LONPMAILBOX01.citrite.net> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; Format="flowed" Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <291EDFCB1E9E224A99088639C4762022B5988E4EB6@LONPMAILBOX01.citrite.net> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xensource.com Errors-To: xen-devel-bounces@lists.xensource.com To: Paul Durrant Cc: "xen-devel@lists.xensource.com" List-Id: xen-devel@lists.xenproject.org On 11/29/11 12:04, Paul Durrant wrote: >> -----Original Message----- >> From: Christoph Egger [mailto:Christoph.Egger@amd.com] >> Sent: 29 November 2011 11:02 >> To: Paul Durrant >> Cc: xen-devel@lists.xensource.com >> Subject: Re: [Xen-devel] [PATCH 4 of 6] Add sprintf() to hvmloader >> >> On 11/29/11 11:53, Paul Durrant wrote: >>> # HG changeset patch >>> # User Paul Durrant # Date 1322563734 0 # >>> Node ID e9997777ab6d629b97a8b8f020c18f40c4cf3aa0 >>> # Parent 58cdfa17fb8801ab0a9e8133e0ec2ad47a426f5d >>> Add sprintf() to hvmloader. >> >> For security reasons I prefer snprintf(). >> > > Given the limited usecase, I decided it wasn't worth it but > I can tag on a extra patch to make the conversion if you want me to. Yes, please. This makes new code less prone to buffer overflows in general. Christoph -- ---to satisfy European Law for business letters: Advanced Micro Devices GmbH Einsteinring 24, 85689 Dornach b. Muenchen Geschaeftsfuehrer: Alberto Bozzo, Andrew Bowd Sitz: Dornach, Gemeinde Aschheim, Landkreis Muenchen Registergericht Muenchen, HRB Nr. 43632