Subject: Re: proposal: disable *printf %n specifier in libc in NetBSD 1.5
To: Chris G. Demetriou <>
From: Bill Sommerfeld <>
List: tech-userlevel
Date: 09/11/2000 14:14:48
> It's not clear to me that losing standards conformance to make
> admittedly-broken programs somewhat more secure is either a good
> thing, or in keeping with the principle of least surprise.

the same argument could be used against the introduction of
snprintf(); applications *should* know how much space they'll need in

%n turns an otherwise "safe" interface into an interface as dangerous
as gets().

					- Bill