Re: Psiconv

From: Dom Lachowicz (doml@appligent.com)
Date: Wed Aug 21 2002 - 19:08:35 EDT

Next message: Martin Sevior: "Re: Enhancement: Table of Contents?"

Previous message: frodol@dds.nl: "Re: Psiconv"
In reply to: frodol@dds.nl: "Re: Psiconv"
Next in thread: Jody Goldberg: "Re: Psiconv"
Reply: Jody Goldberg: "Re: Psiconv"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I think that he is advocating removing snprintf and replacing it with
something else, which may or may not be sprintf. The problem seems to
be that snprintf isn't available on some of the more 'exotic'
platforms, like HP/UX 10.20. I personally could never advocate removing
snprintf to be removed for the less-secure sprintf.

I *have* been willing to remove snprintf from AbiWord's code since I
have a fast and portable replacement for it (much like GLib's
g_strdup_printf). What you do with your codebase is your decision,
however. I don't believe this to be a problem for the AbiWord CVS HEAD
version, as I really don't care whether the Psiconv plugin builds on a
10 year old platform iff that person isn't willing to install snprintf.

Dom

On Wednesday, August 21, 2002, at 05:08 PM, frodol@dds.nl wrote:

> Mark Gilbert wrote:
>>
>> Greetings.
>> As you know well, AbiWord uses psiconv for psion impexp. AbiWord-HEAD
>> no longer requires it (only the psion plugin). AbiWord-STABLE
>> (currently ABI-1-0-0-STABLE) does, and that won't change. Being
>> stable
>> co-maintainer, release coordinator, and build engineer, I'm thrice
>> concerned that unix variants which lack native snprintf cannot build
>> abi
>> without third party snprintf which has proven to be unreliable at
>> best.
>>
>> I've cleaned out all the snprintf from abi/, but psiconv's error.c
>> still
>> poses a problem. I thought (well, dom thought, and I concur) I'd go
>> to
>> you before implementing some adhoc quickfix.
>> Help appreciated.
>
> Hi Mark,
>
> I am not so sure I understand your problem.
>
> Are you really suggesting not to use snprintf, but the old sprintf
> instead?
> While every security-minded programmer is avoiding sprintf because of
> string overflow problems? Or are referring to vsnprintf, the variant
> which can take a variable number of parameters?
>
> Thanks,
> Frodo
>
> --
> Frodo Looijaard <frodol@dds.nl> PGP key and more:
> http://huizen.dds.nl/~frodol
> Defenestration n. (formal or joc.):
> The act of removing Windows from your computer in disgust, usually
> followed
> by the installation of Linux or some other Unix-like operating
> system.

Next message: Martin Sevior: "Re: Enhancement: Table of Contents?"
Previous message: frodol@dds.nl: "Re: Psiconv"
In reply to: frodol@dds.nl: "Re: Psiconv"
Next in thread: Jody Goldberg: "Re: Psiconv"
Reply: Jody Goldberg: "Re: Psiconv"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Wed Aug 21 2002 - 19:12:20 EDT