Re: CVS commit: src/lib/libc

[Joerg Sonnenberger <joerg%britannica.bec.de@localhost>]

On Thu, Mar 01, 2012 at 10:37:39AM -0500, Greg Troxel wrote:
> 
>   Code that is using gets(3) is almost always broken. It doesn't just
> 
> No argument there, but that's not the question.   The questions are
> 
>   should NetBSD provide a compliant C99 environment?  (obviously yes)
> 
>   is moving gets(3) to libcompat consistent with the above (it seems
>   not, since your goal seems to be to force other people to make changes
>   because you don't like what they are doing)
> 
>   should NetBSD be in the business of making it difficult to do things
>   which are bad practice?   (Here I would say warnings are fine, and
>   that standards compliance is more important.)

So provide the trivial wrapper for fgets when compiled with -ansi
-pedantic. If there is no way to determine if -pedantic was present, we
might need to fix that.

The important thing here is that using gets(3) is not bad practice, it
is plainly a bug. Using strcpy without checking the string length first
is bad practise. *But* strcpy can be used safely and even without
explicit checks, it can be correct, e.g. if the programmer does ensure
that the buffer limits are correct by other means. On the other hand,
there is no way to use gets(3) without mandating line lengths on the
input, so in effect, it can't be used correctly. It is just as simple as
that.

My strong dislike of *_s from C11 is not relevant. Those functions are
not part of the core standard, but an (optional) annex.

Joerg