Re: patch for qpopper remote exploit bug

[mouse () RODENTS MONTREAL QC CA (der Mouse)]

> Today, snprintf and vsnprintf are required.  Without them, there's
> some code in the libraries which cannot be written safely.

> ie:

> gen/syslog.c:   prlen = vsnprintf(p, tbuf_left, fmt_cpy, ap);

Actually, stuff like this can be done just fine with what NetBSD (and
OpenBSD, presumably) calls funopen() - you don't actually {,v}snprintf.
Indeed, funopen() is a bit of a sledgehammer; all the rest of stdio
could be removed without losing any power (just convenience).

I actually prefer funopen() in most respects.  In particular, it allows
things like printing into mallocked storage without having to impose a
length limit (which naive use of snprintf and strdup does).

stdio has desperately needed something like funopen() for a long time.
It was so egregiously missing that I hacked it into the 4.3 stdio back
when I was working with 4.3...I called it fopenfxn() and the interface
was a bit different, but it was basically the same idea.

                                        der Mouse

                               mouse () rodents montreal qc ca
                     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B