On 21 January 2023 at 05:27, Duncan Murdoch wrote:
| On 21/01/2023 5:15 a.m., Holger Hoefling wrote:
| > Is there a simple replacement that I can use?
|
| You should use snprintf() which has an extra argument to state the size
| of the buffer receiving the string. For example,
|
| char text[32];
| sprintf(text, "%.4g", value);
|
| could be written as
|
| char text[32];
| snprintf(text, 32, "%.4g", value);
|
| This will write a string with at most 31 characters before the NUL at
| the end, and avoids the possibility of a buffer overrun.
And even better idiom (which I only came to too late for the update of a few
of my packages) is to rely on sizeof() as in
char text[32];
snprintf(text, sizeof(text), "%.4g", value);
which works for many / most simple cases of such static buffers.
Sometimes this sprintf compiler 'noise' is shrapnel from other packages we
include as headers, and harder to fix. Brian Ripley kindly alerted us to one
remaining instance in the Rcpp headers which we fixed in October; the updated
package is currently awaiting its fate during its bi-annual update cycle but
is held in the dark and deep bowels of CRAN awaiting inspection (nine days
and counting now) as is package BH which in its annual update got a number of
headers refreshed from its upstream, plus an extra round of polish from
me. It too is available as an update in its git repo, and otherwise hiding in
those dark CRAN bowels. I keep telling myself I should remain hopeful that
maybe one day we get to take advantage of it. Hopefully soon.
Dirk
--
dirk.eddelbuettel.com | @eddelbuettel | e...@debian.org
______________________________________________
R-package-devel@r-project.org mailing list
https://stat.ethz.ch/mailman/listinfo/r-package-devel
