Re: CVS commit: src/lib/libc

[David Laight <david%l8s.co.uk@localhost>]

On Sun, Mar 04, 2012 at 01:06:03PM -0700, Warner Losh wrote:
> 
> On Mar 3, 2012, at 5:55 PM, David Holland wrote:
> 
> > On Thu, Mar 01, 2012 at 11:14:16AM -0700, Warner Losh wrote:
> >> Maybe somebody can look at a full pkgsrc build to see how many
> >> instances of gets are in it?
> > 
> > Given the way bulk builds work, and various logistical reasons that is
> > unlikely to change, the only practical way to check this is to remove
> > gets locally before doing a build.
> > 
> > Perhaps I'll do this. Any such program is broken and needs to be
> > patched. Your example is unpersuasive.
> 
> So there's no way to troll through the build binaries for references
> to gets, at least in the dynamically linked binaries?  That's unfortunate.
> 
> My example was a place where it was completely safe to use.
> I offered only to counter those that said it is never safe,
> which is factually untrue.
> 
> But given the extreme ease with which it is unsafe to use,
> I'm with the 'get it out' crowd, but only if it doesn't provoke
> wide-spread chaos.
> without data, it is hard to say for sure the level of chaos.

Running 'objdump -D' and grepping for '\<gets\>' will probably find them.

I wonder it it would be worth adding a function that is like gets,
but takes a buffer length (ie discards the \n - and maybe the rest of the
line).

That could be used as a compile-time substitute when the buffer
size is known - ie when 'sizeof buffer != sizeof (char *)'

        David

-- 
David Laight: david%l8s.co.uk@localhost