[Patch, libfortran] Replace sprintf() with snprintf()
Jerry DeLisle
jvdelisle@frontier.com
Fri Apr 15 12:40:00 GMT 2011
On 04/14/2011 11:53 PM, Janne Blomqvist wrote:
> Hi,
>
> as is well known, sprintf() is prone to buffer overflow, hence
> snprintf(). libgfortran uses snprintf() in some places, but not
> everywhere. Rather than analyzing every sprintf() call for a potential
> overflow, the attached patch takes the dogmatic but simple approach of
> replacing all the remaining sprintf() usage with snprintf().
>
> For targets without snprintf(), io/list_read.c contained a fallback
> macro that uses sprintf(); this is moved to libgfortran.h so that it's
> available everywhere.
>
> readelf -s libgfortran.so|grep sprintf
>
> confirms that there is no remaining usage of sprintf().
>
> Regtested on x86_64-unknown-linux-gnu, Ok for trunk?
>
OK, thanks.
Jerry
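
Added example, not part of the original thread and not libgfortran code: replacing sprintf() with snprintf() bounds the write, but the output can then be cut short, so the caller should check the return value. The helper names fmt_bounded and format_unit_msg and the sample message are hypothetical.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not from libgfortran): bounded formatting that
   reports truncation instead of silently cutting the output short.
   Returns the number of characters written, or -1 if the result did
   not fit in buf (buf is still NUL-terminated when size > 0).  */
static int
fmt_bounded (char *buf, size_t size, const char *fmt, ...)
{
  va_list ap;
  int n;

  va_start (ap, fmt);
  n = vsnprintf (buf, size, fmt, ap);   /* never writes past buf[size-1] */
  va_end (ap);

  /* C99: n is the length the complete output would have had.  */
  if (n < 0 || (size_t) n >= size)
    return -1;
  return n;
}

/* Constructed sample: build "unit <n>: <text>" in a caller-supplied buffer.  */
static int
format_unit_msg (char *buf, size_t size, int unit, const char *text)
{
  return fmt_bounded (buf, size, "unit %d: %s", unit, text);
}

int
main (void)
{
  char msg[16];

  if (format_unit_msg (msg, sizeof msg, 6, "ok") >= 0)
    printf ("fits:      \"%s\"\n", msg);
  /* 26 characters of output into a 16-byte buffer: sprintf() would
     overrun msg, the bounded call stops at 15 characters plus NUL.  */
  if (format_unit_msg (msg, sizeof msg, 6, "file name too long") < 0)
    printf ("truncated: \"%s\"\n", msg);
  return 0;
}
```

On a target where snprintf() is a fallback macro that uses sprintf(), as the quoted message describes, the size argument has no effect and the buffer must still be sized for the worst case.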