Subject: Re: CVS commit: src/sys
To: None <>
From: Charles M. Hannum <>
List: tech-kern
Date: 04/24/2004 18:02:38
On Saturday 24 April 2004 17:36, wrote:
> >	the original code (with sprintf) is already broken, as sprintf()
> >	returns -1 on failure.  we just need to fix all of these
> >	cp += sprintf (or snprintf).
> 	happy now?

No.  If this is a "security" change, then it should not occur only with 
DIAGNOSTIC, especially given that most people don't use DIAGNOSTIC any more.

I'd be happier if snprintf (or some trivial variant) always paniced if a 
buffer was too small, and therefore never returned too large a value.