From: "Michael Kerrisk (man-pages)" <mtk.manpages-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
To: Rich Felker <dalias-8zAoT0mYgF4@public.gmane.org>
Cc: mtk.manpages-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org,
"linux-man-u79uwXL29TY76Z2rM5mHXA@public.gmane.org"
<linux-man-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>
Subject: Re: Outdated scare text in snprintf man page
Date: Sun, 29 Jun 2014 08:29:18 +0200 [thread overview]
Message-ID: <53AFB23E.40702@gmail.com> (raw)
In-Reply-To: <20140629034549.GX179-C3MtFaGISjmo6RMmaWD+6Sb1p8zYI1N1@public.gmane.org>
Hi Rich,
On 06/29/2014 05:45 AM, Rich Felker wrote:
> The following text appears under BUGS in the snprintf man page:
>
> Linux libc4.[45] does not have a snprintf(), but provides a
> libbsd that contains an snprintf() equivalent to sprintf(),
> that is, one that ignores the size argument. Thus, the use of
> snprintf() with early libc4 leads to serious security problems.
>
> I've had people cite this as a reason to be wary of using snprintf,
> apparently unaware of what libc4 means. IMO it should just be removed;
> it's way too old to be relevant.
Thanks reporting this.
Yes, I agree. I removed this text, and indeed all of the other libc4
and lib5 pieces in the page. Linux libc is ancient history, and those
pieces of text are more clutter than help.
Cheers,
Michael
--
Michael Kerrisk
Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/
Linux/UNIX System Programming Training: http://man7.org/training/
--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
prev parent reply other threads:[~2014-06-29 6:29 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-06-29 3:45 Outdated scare text in snprintf man page Rich Felker
[not found] ` <20140629034549.GX179-C3MtFaGISjmo6RMmaWD+6Sb1p8zYI1N1@public.gmane.org>
2014-06-29 6:29 ` Michael Kerrisk (man-pages) [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=53AFB23E.40702@gmail.com \
--to=mtk.manpages-re5jqeeqqe8avxtiumwx3w@public.gmane.org \
--cc=dalias-8zAoT0mYgF4@public.gmane.org \
--cc=linux-man-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.