Bug in csh (history, "!a%100s"). Report and Fix.

Dan Heller argv%eureka at Sun.COM
Fri Jul 7 08:24:16 AEST 1989


In article <771 at sbsvax.UUCP> greim at sbsvax.UUCP (Michael Greim) writes:
> In article <113630 at sun.Eng.Sun.COM>, argv%eureka at Sun.COM (Dan Heller) writes:
> > Why are people so stuck on using printf?  Michael Greim finds a bug

Basically, I apologize for the "flame" that people seem to think I
posted.  I wasn't flaming really.  I just meant to point out that
puts() will never be slower than printf(), so to avoid "other bugs"
(see below), it's safer to use puts when that's what you really meant.
Sorry, Michael.

> >   As soon as there is a %s in the data written, you
> > just created a junk file.  And this is also the type of bug that doesn't
> Normally one gets a core dump fairly quick.
> How can you create a file using
> 	fprintf ("%s", n);
> ? (Which is what I think you are writing about)
> And then there is lint ...

No, I was talking about the type of bug that lint can't catch.  That is,
I see this type of usage all the time:

    ...
    send_to_file("this is a string");
    ...

send_to_file(s)
char *s;
{
    extern FILE *fp;
    fprintf(fp, s);
}

It is this type of bug that eventually catches up to you.  For example,
a hypothetical mail program could extract the return address of a user
and try to print it:

    extern char *get_return_address();
    char *addr;

    addr = get_return_address(message_3);
    ...
    printf(addr);

Now, suppose the address that was returned was:

    argv%island at sun.com

What do you suppose will happen?  This is the type of warning I was
trying to convey to people.  Sorry if I implied anything else...


dan <island!argv at sun.com>
-----
My postings reflect my opinion only -- not the opinion of any company.
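
Added example, not part of Dan Heller's post: the send_to_file() pattern rewritten so the string is written as data and never used as the format, with a check that the address from the post reaches the file unchanged. The function names send_to_file_safe, count_conversions and roundtrip_ok are hypothetical, and the sample address is copied as it appears on this page.

```c
#include <stdio.h>
#include <string.h>

/* Sample data: the return address quoted in the post. */
static const char *SAMPLE_ADDR = "argv%island at sun.com";

/* Hardened send_to_file(): s is data only, never a format string.
   fprintf(fp, "%s", s) is equivalent. Returns 0 on success, -1 on error. */
int send_to_file_safe(FILE *fp, const char *s)
{
    return fputs(s, fp) == EOF ? -1 : 0;
}

/* Count the '%' sequences printf() would treat as conversions if s were
   passed as the format ("%%" is a literal percent sign, not a conversion). */
int count_conversions(const char *s)
{
    int n = 0;
    for (; *s; s++) {
        if (*s != '%') continue;
        if (s[1] == '%') s++;   /* skip the escaped pair */
        else n++;
    }
    return n;
}

/* Write s through the safe path into a temporary file and read it back.
   Returns 1 if the bytes are identical, 0 if not, -1 on I/O error. */
int roundtrip_ok(const char *s)
{
    char buf[256];
    size_t len = strlen(s), got;
    FILE *fp = tmpfile();
    if (fp == NULL) return -1;
    if (len >= sizeof buf || send_to_file_safe(fp, s) != 0) { fclose(fp); return -1; }
    rewind(fp);
    got = fread(buf, 1, sizeof buf - 1, fp);
    fclose(fp);
    return got == len && memcmp(buf, s, len) == 0;
}

int main(void)
{
    printf("conversions if used as a format: %d\n", count_conversions(SAMPLE_ADDR));
    printf("safe round trip intact: %d\n", roundtrip_ok(SAMPLE_ADDR));
    return 0;
}
```

Compilers that support it can flag the original call shape at build time; GCC's -Wformat-security warns on a non-literal format string with no arguments.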