On 09.08.2019 17:34, Christos Zoulas wrote: > I think we should stop playing games and provide a completely compatible api. > If we want enhanced API's, those should be provided as extra. Yes, the magic > printf(fmt, ...) works most of the time. How about the case where there is no warning? > Like "%%" which will print 1 % on NetBSD and 2 everywhere else? What are you > going to do then? > In the practical world I saw 0 such issues with our existing API, even though it is still vulnerable to it. > christos > >> On Aug 9, 2019, at 5:06 PM, Kamil Rytarowski <n54%gmx.com@localhost> wrote: >> >> On 09.08.2019 16:03, Martin Husemann wrote: >>> On Fri, Aug 09, 2019 at 04:00:02PM +0200, Kamil Rytarowski wrote: >>>> On 09.08.2019 15:32, Christos Zoulas wrote: >>>>> My worry is that someone will call pthread_setname_np() with a >>>>> "%thread%s" name argument and get a core dump on a NetBSD system since >>>>> the string will be interpreted as a format (where in other OS's it will >>>>> be taken literally and work. >>>>> >>>> >>>> This will be caught by a compiler with __printflike() attribute. >>> >>> So in response to an incompatible API complaint, we change it to another >>> incompatible API? >>> >>> Martin >>> >> >> My proposal was to keep more or less API compatible one with the current >> NetBSD variation but just improve the function prototype. >> >> <sanitizer.log> >
Attachment:
signature.asc
Description: OpenPGP digital signature