From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 21945 invoked by alias); 22 Apr 2003 19:28:31 -0000 Mailing-List: contact gdb-patches-help@sources.redhat.com; run by ezmlm Precedence: bulk List-Subscribe: List-Archive: List-Post: List-Help: , Sender: gdb-patches-owner@sources.redhat.com Received: (qmail 21938 invoked from network); 22 Apr 2003 19:28:31 -0000 Received: from unknown (HELO crack.them.org) (65.125.64.184) by sources.redhat.com with SMTP; 22 Apr 2003 19:28:31 -0000 Received: from nevyn.them.org ([66.93.61.169] ident=mail) by crack.them.org with asmtp (Exim 3.12 #1 (Debian)) id 1983Rc-0004z7-00; Tue, 22 Apr 2003 14:28:44 -0500 Received: from drow by nevyn.them.org with local (Exim 3.36 #1 (Debian)) id 1983RM-0006cX-00; Tue, 22 Apr 2003 15:28:28 -0400 Date: Tue, 22 Apr 2003 19:28:00 -0000 From: Daniel Jacobowitz To: Andrew Cagney Cc: gdb-patches@sources.redhat.com Subject: Re: PATCH: Add type_sprint() function to return type in string form Message-ID: <20030422192827.GA21651@nevyn.them.org> Mail-Followup-To: Andrew Cagney , gdb-patches@sources.redhat.com References: <20030418152426.A93348@molenda.com> <20030422032629.GB5033@nevyn.them.org> <3EA57249.5020104@redhat.com> <20030422165455.GA31686@nevyn.them.org> <3EA57BD9.5020502@redhat.com> <20030422173348.GA325@nevyn.them.org> <3EA5961E.3060102@redhat.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <3EA5961E.3060102@redhat.com> User-Agent: Mutt/1.5.1i X-SW-Source: 2003-04/txt/msg00408.txt.bz2 On Tue, Apr 22, 2003 at 03:21:02PM -0400, Andrew Cagney wrote: > > >>GDB should use neither sprint* nor asprint*. > > > > > >I disagree. Why on earth wouldn't we use sprintf? Just because it can > >be used incorrectly is no excuse. > > You're kidding right? > > The ARI indicates that all sprintf calls should be replaced with either > snprintf or xasprintf. > > Replacing sprintf with functions that are immune to buffer overrun > problems, eliminates an entire class of bug. > > Even something as simple as: > char buf[100000000]; > sprintf (buf, _("a")); > is broken. No, I'm not kidding. I've worked in computer security for about six years now and I still use sprintf. It's simple, it's effective, and if you use it reasonably carefully, nothing will go wrong. Not to mention that there are a number of buggy implementations of snprintf; they're slowly starting to fade from use, thank the lord, but you still see 'em now and again. Of course, in those six years I've had this argument about ten times. It seems to be about a 50/50 split between developers. And nothing involving translation is simple. > >>The xasprint* family all have the signature: > >> > >> ...xasprint* (char **buf, ....) > >> > >>which doesn't apply here. > > > > > >Perhaps it should apply? > > Sure, but the interface would sux. Then what would you prefer? I have a really negative gut reaction to putting dup in the name; it's not duplicating anything. type_as_string? -- Daniel Jacobowitz MontaVista Software Debian GNU/Linux Developer