Subject: Re: Kernel printf cleanup proposal
To: Todd Vierling <tv@wasabisystems.com>
From: Jaromír Doleček <dolecek@ibis.cz>
List: tech-kern
Date: 07/30/2000 11:37:07
Todd Vierling wrote:
> On Fri, 28 Jul 2000, Jonathan Stone wrote:
> 
> : First, Do we really want to remove [v]sprintf permanently?  Doesn't
> : that make for yet more very-low-payback nuisance changes when
> : importing kernel source which originates elsewhere, and tracking
> : changes from elsewhere?  (For new netbsd-originated code, sure.)
> 
> Personally, I think so.  The open-ended nature of [v]sprintf() has run into
> problems time after time, and the extra argument passing is a small price
> (there's really no other overhead, if you compare vsprintf vs. vsnprintf in
> subr_prf.c).  It also makes the programmer think long and hard about reusing
> buffers in constructs like:

I do think that enforcing good programming style alone is worth this change.
Furthermore, buffer overflows in the kernel may have really nasty effects
and are extremely hard to track down. Obviously, also all the strcat()'s
and strcpy()'s should be audited, but let's not touch that one (yet :).

Jaromir
-- 
Jaromir Dolecek <jdolecek@NetBSD.org>      http://www.ics.muni.cz/~dolecek/
@@@@  Wanna a real operating system ? Go and get NetBSD, damn!  @@@@
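The bounded-formatting discipline the thread argues for, as an added example in C (not code from subr_prf.c or the NetBSD tree): a hypothetical bounded_fmt() wrapper that takes the buffer size explicitly and reports truncation, beside a hypothetical sprintf_would_need() that computes, without writing a byte, how much an unbounded sprintf() would have written into a fixed buffer.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical bounded formatter: writes into buf (len bytes, always
 * NUL-terminated) and returns the number of characters written, or -1
 * when the output did not fit.  The size travels with the buffer, which
 * is the "extra argument" the thread discusses: a reviewer can check it
 * against the buffer's declaration instead of guessing. */
int bounded_fmt(char *buf, size_t len, const char *fmt, ...)
{
    va_list ap;
    int needed;

    if (buf == NULL || len == 0)
        return -1;
    va_start(ap, fmt);
    needed = vsnprintf(buf, len, fmt, ap);
    va_end(ap);
    if (needed < 0)
        return -1;
    /* vsnprintf returns the length the full output would have had, so
     * needed >= len means the result was cut at len - 1 characters. */
    return (size_t)needed >= len ? -1 : needed;
}

/* Bytes an unbounded sprintf() would have stored, NUL included.  Uses a
 * zero-length vsnprintf, so nothing is written; comparing the result with
 * sizeof(buf) is exactly the check sprintf() itself never performs. */
size_t sprintf_would_need(const char *fmt, ...)
{
    va_list ap;
    int n;

    va_start(ap, fmt);
    n = vsnprintf(NULL, 0, fmt, ap);
    va_end(ap);
    return n < 0 ? 0 : (size_t)n + 1;
}

int main(void)
{
    char buf[16];            /* constructed: a deliberately small buffer */
    const char *msg = "attached and configured";

    printf("sprintf would need %zu bytes, buffer has %zu\n",
           sprintf_would_need("dev%d: %s", 3, msg), sizeof buf);
    if (bounded_fmt(buf, sizeof buf, "dev%d: %s", 3, msg) < 0)
        printf("truncated to \"%s\"\n", buf);
    return 0;
}
```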