Re: syslog()/snprintf(): beware of functions with fuzzy specs

[jna () concorde com (John Adams)]

On Wed, 6 Sep 1995, Casper Dik wrote:

> > BSD4.4 snprintf()s return the number of characters they would have
> > written had the buffer been infinite.  This is despite the manual page
> > saying they return the number of characters actually written.

> This should be fixed.  It requires the *snprintf() code to parse
> and examine all arguments: that isn't necessary.

Yes, it should be fixed, but we have a large problem in developing secure
code across platforms.

For a programmer to take into account all of the nuances of the different
compilers, operating systems, and libc.so* revisions. I'm beginning to
wonder if it would be easier to bundle a secure set of string operations
with code that I release, but even then I have to wonder of the integrity
of my code and the willingness of others to use it.

How do we resolve this issue?

-john