Subject: Re: CVS commit: src/sys
To: None <itojun@iijlab.net>
From: Charles M. Hannum <abuse@spamalicious.com>
List: tech-kern
Date: 04/24/2004 18:02:38

On Saturday 24 April 2004 17:36, itojun@iijlab.net wrote:
> >	the original code (with sprintf) is already broken, as sprintf()
> >	returns -1 on failure.  we just need to fix all of these
> >	cp += sprintf (or snprintf).
>
> 	happy now?

No.  If this is a "security" change, then it should not occur only with 
DIAGNOSTIC, especially given that most people don't use DIAGNOSTIC any more.

I'd be happier if snprintf (or some trivial variant) always panicked if a
buffer was too small, and therefore never returned too large a value.
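
The concern in this message, as an added example that is not part of the original post and is not NetBSD code: with C99 snprintf semantics, the `cp += snprintf(...)` idiom can push the running offset past the end of the buffer, while a wrapper that never reports too large a value cannot. The names unchecked_offset, appendf and checked_offset are hypothetical, and the wrapper signals truncation with an error return where the message proposes a panic.

```c
#include <stdarg.h>
#include <stdio.h>

/* Unchecked idiom: off += snprintf(buf + off, size - off, ...). An offset is
 * tracked (not a pointer) and room is clamped so the demo itself stays in bounds. */
static size_t unchecked_offset(char *buf, size_t size, const char *s, int times)
{
    size_t off = 0;
    for (int i = 0; i < times; i++) {
        size_t room = off < size ? size - off : 0;
        /* C99 snprintf returns the length it wanted to write, not what fit. */
        int n = snprintf(room ? buf + off : NULL, room, "%s", s);
        if (n > 0) off += (size_t)n;
    }
    return off;
}

/* Hypothetical wrapper: never moves *cp past end - 1; returns -1 on truncation or error. */
static int appendf(char **cp, char *end, const char *fmt, ...)
{
    size_t room = (size_t)(end - *cp);
    va_list ap;
    int n;
    if (room == 0) return -1;
    va_start(ap, fmt);
    n = vsnprintf(*cp, room, fmt, ap);
    va_end(ap);
    if (n < 0) { **cp = '\0'; return -1; }               /* formatting error */
    if ((size_t)n >= room) { *cp = end - 1; return -1; } /* truncated: park on the NUL */
    *cp += n;
    return 0;
}

static size_t checked_offset(char *buf, size_t size, const char *s, int times, int *truncated)
{
    char *cp = buf, *end = buf + size;
    *truncated = 0;
    for (int i = 0; i < times; i++)
        if (appendf(&cp, end, "%s", s) != 0) *truncated = 1;
    return (size_t)(cp - buf);
}

int main(void)
{
    char buf[16];   /* constructed sample: three 10-character appends into 16 bytes */
    int truncated;
    size_t bad = unchecked_offset(buf, sizeof buf, "0123456789", 3);
    size_t ok = checked_offset(buf, sizeof buf, "0123456789", 3, &truncated);
    printf("unchecked offset %zu, checked offset %zu of %zu, truncated=%d, buf=\"%s\"\n",
           bad, ok, sizeof buf, truncated, buf);
    return 0;
}
```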