Bugtraq mailing list archives

Re: ProFTPD 1.2.0pre4 available


From: deraadt () CVS OPENBSD ORG (Theo de Raadt)
Date: Wed, 8 Sep 1999 23:51:46 -0600


In addition, it is worth noting that snprintf() as specified by the
C9x draft has return value semantics different from those commonly
found.  As a result, calls to snprintf() where the return value is
checked should be scrutinized, since this change could presumably pose
a security risk.

To cite one place where this changes, glibc 2.1 uses the C9x return
value semantics, whereas glibc 2.0 uses the older semantics.

Yes, people should be really careful about this.

- The 4.4 BSD snprintf routines were mostly right before, and now
  they are even better.  I can only speak for OpenBSD.
- The older Solaris versions are broken.
- The newer Solaris versions are wrong (7+?).
- The opengroup XPG web documentation is wrong.
- But the opengroup group internal documentation is fixed (we believe)
- Older C9X specifications are wrong.
- Newer versions of the C9X specification are fixed (we believe)

Casper Dik, Todd Miller, Chris Torek, and I got in touch with the
standards committees and got it fixed.  The fixed versions return the
amount of data they wanted to put into the string, even if they fail.
The broken versions returned -1 or the truncation length.  A few other
issues regarding -1 return values also existed.
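The following C program is an added example, not part of de Raadt's post or of any of the implementations he lists. It probes which return-value semantics the local snprintf() has, shows why the common "advance the write position by the return value" idiom goes wrong once a piece is truncated under the fixed (C99) semantics, and gives an append helper whose truncation check is correct for the fixed semantics and also catches the old -1 return. The buffer sizes and strings are constructed for the demonstration; the names `snprintf_probe`, `strbuf`, `sb_appendf` and `naive_next_pos` are this example's own.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Probe: format an 8-character string into a 4-byte buffer.
 * Fixed (C99) semantics return 8, the length that was wanted.
 * Old semantics returned -1, or 3 (the length actually written). */
int snprintf_probe(void)
{
    char buf[4];
    return snprintf(buf, sizeof buf, "%s", "abcdefgh");
}

int snprintf_is_c99(void)
{
    return snprintf_probe() == 8;
}

/* The unsafe idiom, reduced to its arithmetic.  Real code does
 * `pos += snprintf(buf + pos, size - pos, ...)` in a loop.  With C99
 * semantics the first truncated call moves `pos` past the end of the
 * buffer, so the next call's `size - pos` wraps around as size_t and
 * snprintf() is handed an enormous bound.  With old -1 semantics the
 * (size_t) cast wraps immediately.  Only the first, bounded call is
 * performed here; the function returns the position the naive code
 * would use next instead of making the overflowing call. */
size_t naive_next_pos(size_t size)
{
    char buf[16];                     /* constructed scratch buffer */
    if (size > sizeof buf)
        size = sizeof buf;
    size_t pos = 0;
    pos += (size_t)snprintf(buf, size, "%s", "abcdefgh");
    return pos;
}

/* 1 if the naive idiom's next `size - pos` would wrap. */
int naive_remaining_wraps(size_t size)
{
    return naive_next_pos(size) > size;
}

/* Hardened append helper.  `len` never exceeds `size - 1`, the buffer
 * stays NUL-terminated, and `truncated` latches once any piece does
 * not fit, so callers cannot silently drop data. */
struct strbuf {
    char  *buf;
    size_t size;
    size_t len;
    int    truncated;
};

/* Returns 0 on success, -1 on truncation or error. */
int sb_appendf(struct strbuf *sb, const char *fmt, ...)
{
    if (sb->truncated || sb->len >= sb->size) {
        sb->truncated = 1;
        return -1;
    }
    size_t remaining = sb->size - sb->len;
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(sb->buf + sb->len, remaining, fmt, ap);
    va_end(ap);

    if (n < 0) {                      /* old -1 semantics, or an encoding error */
        sb->truncated = 1;
        return -1;
    }
    if ((size_t)n >= remaining) {     /* C99: the text wanted more room than it got */
        sb->truncated = 1;
        sb->len = sb->size - 1;       /* vsnprintf wrote size-1 chars plus NUL */
        return -1;
    }
    sb->len += (size_t)n;
    return 0;
}

int main(void)
{
    printf("snprintf probe returned %d (C99 semantics: %s)\n",
           snprintf_probe(), snprintf_is_c99() ? "yes" : "no");
    printf("naive next pos for a 4-byte buffer: %zu\n", naive_next_pos(4));

    char out[8];
    struct strbuf sb = { out, sizeof out, 0, 0 };
    sb_appendf(&sb, "%s", "abc");
    int rc = sb_appendf(&sb, "%s", "defgh");
    printf("append rc=%d buf=\"%s\" truncated=%d\n", rc, out, sb.truncated);
    return 0;
}
```

Note that the `n >= remaining` test cannot detect truncation on an implementation that returns the truncated length (there the call above returns 3 and looks like a fit), which is exactly why the fixed semantics matter: with them, one comparison against the remaining space is a complete check.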
