On Sun, Dec 28, 2008 at 12:02:46PM -0600, Steve Langasek wrote:
> On Sun, Dec 28, 2008 at 12:42:46AM -0800, Kees Cook wrote:
> > pcregrep -M 'sprintf\s*\(\s*([^,]*)\s*,\s*"%s[^"]*"\s*,\s*\1\s*,'
> > pcregrep -M 'snprintf\s*\(\s*([^,]*)\s*,[^,]*,\s*"%s[^"]*"\s*,\s*\1\s*,'
>
> I would note that this regexp, and the proposed solution, will not match
> i18nized format strings; i.e.,
>
> sprintf(buf, _("%s plus %d"), buf, k);
If _any_ of the translations doesn't start with %s, it will break. Oh, and you
used sprintf() not snprintf() -- it's a guaranteed trample&segfault here.

From what I've seen, many languages like to quote things not usually quoted in
English, so the core will be filled with '`', '“' or '»'.

The sprintf(buf, "%s foo", buf) hack is indeed something that should be rooted
out. It happens to work on glibc (usually), but it's neither portable nor sane.

> I don't know whether these are also a problem in practice - but if so, using
> sprintf(buf + strlen(buf) [...]) is definitely wrong.

In that case, I see no choice but using a second buffer...

-- 
1KB		// Microsoft corollary to Hanlon's razor:
		//	Never attribute to stupidity what can be
		//	adequately explained by malice.
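As an added illustration of the "second buffer" fix (example code, not from anyone in this thread), the helper below copies the current contents of buf to a scratch buffer before calling snprintf, so source and destination never overlap no matter where a translation puts the %s. The names self_append and append_equals, the 256-byte scratch limit and the guillemet "translation" are my own assumptions.

```c
#include <stdio.h>
#include <string.h>

/* Safe replacement for the sprintf(buf, "%s foo", buf, ...) pattern (hypothetical
 * helper). The current text in buf is copied to a scratch buffer first, so the
 * destination of snprintf never overlaps its %s argument, wherever the (possibly
 * translated) format places the %s. Returns what snprintf returns (the length the
 * full result needs, so callers can detect truncation), or -1 on error. */
int self_append(char *buf, size_t bufsz, const char *fmt, int k)
{
    char old[256];                        /* assumed upper bound on the old text */

    if (bufsz == 0 || strlen(buf) >= sizeof old)
        return -1;
    memcpy(old, buf, strlen(buf) + 1);    /* fits: length checked above */
    return snprintf(buf, bufsz, fmt, old, k);
}

/* Check helper: start from `start`, append via self_append into a buffer limited
 * to `bufsz` bytes, and return 1 when the result equals `expect`, else 0. */
int append_equals(const char *start, size_t bufsz, const char *fmt, int k,
                  const char *expect)
{
    char buf[64];

    if (bufsz > sizeof buf)
        return 0;
    snprintf(buf, sizeof buf, "%s", start);
    if (self_append(buf, bufsz, fmt, k) < 0)
        return 0;
    return strcmp(buf, expect) == 0;
}

int main(void)
{
    /* English format, then a constructed "translation" that quotes the %s with
     * guillemets: both work because old and buf never overlap. */
    printf("%d\n", append_equals("one", 64, "%s plus %d", 2, "one plus 2"));
    printf("%d\n", append_equals("one plus 2", 64, "«%s» plus %d", 3,
                                 "«one plus 2» plus 3"));
    /* A too-small buffer is truncated cleanly instead of trampling memory. */
    printf("%d\n", append_equals("one", 8, "%s plus %d", 2, "one plu"));
    return 0;
}
```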