On 09.08.2019 17:39, Kamil Rytarowski wrote: > On 09.08.2019 17:34, Christos Zoulas wrote: >> I think we should stop playing games and provide a completely compatible api. >> If we want enhanced API's, those should be provided as extra. Yes, the magic >> printf(fmt, ...) works most of the time. How about the case where there is no warning? >> Like "%%" which will print 1 % on NetBSD and 2 everywhere else? What are you >> going to do then? >> > > In the practical world I saw 0 such issues with our existing API, even > though it is still vulnerable to it. > And in the current usage idiom that is expected to be used: "%s", (void*)name there are also 0 potential issues with such pitfails. >> christos >> >>> On Aug 9, 2019, at 5:06 PM, Kamil Rytarowski <n54%gmx.com@localhost> wrote: >>> >>> On 09.08.2019 16:03, Martin Husemann wrote: >>>> On Fri, Aug 09, 2019 at 04:00:02PM +0200, Kamil Rytarowski wrote: >>>>> On 09.08.2019 15:32, Christos Zoulas wrote: >>>>>> My worry is that someone will call pthread_setname_np() with a >>>>>> "%thread%s" name argument and get a core dump on a NetBSD system since >>>>>> the string will be interpreted as a format (where in other OS's it will >>>>>> be taken literally and work. >>>>>> >>>>> >>>>> This will be caught by a compiler with __printflike() attribute. >>>> >>>> So in response to an incompatible API complaint, we change it to another >>>> incompatible API? >>>> >>>> Martin >>>> >>> >>> My proposal was to keep more or less API compatible one with the current >>> NetBSD variation but just improve the function prototype. >>> >>> <sanitizer.log> >> > >
Attachment:
signature.asc
Description: OpenPGP digital signature