On Wed, Sep 08 2021, Renaud Allard <renaud@allard.it> wrote:
[...]
> I discussed with exim guys and it seems they are quiet reluctant at
> modifying "correct C code".
Even sprintf uses can be correct, it doesn't mean that people should use it.
> At least the acl.c one will cause issues as
> we have seen with the report from naddy@.
> So I propose to already commit
> that diff and check further if there are other issues.
If you're talking about the early build test by naddy@, build which
failed quickly because %n uses were flagged as compiler errors: a nicer
clang diff has been committed since, which shouldn't result in
a mail/exim build failure.
If you're worried that the %n uses in acl.c might trigger abort(3) calls
in libc, please check and confirm that this debug_printf_something call
actually ends up using stdio support for %n.
Note that the clang check for %n might trigger with any function that is
marked as "printf-like". That doesn't mean that our stdio layer will
parse the %n format.
--
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
No comments:
Post a Comment