Peter N. Lundblad wrote:
>On Thu, 13 May 2004, [UTF-8] Tobias Ringström wrote:
>
>
>
>>Branko ÄŒibej wrote:
>>
>>
>>>I'll note that most of our sprintfs are 100% safe. I see no reason to
>>>eliminate those, and add more allocations or gods forbid new pool
>>>arguments where there weren't any.
>>>
>>>
>>I checked the sprintfs that Peter changed and they were not in a
>>performance critical path, but I agree that there is no real need to
>>change them either. I have no strong opinion either way in this case,
>>but I did review his patch and it was at least correct.
>>
>>
>>
>The reason I wanted to do this in the first place was reviewability.
>sprintf can be a security hole, as we all know, so everytime one sees a
>sprintf, one have to look carefully. I see absolutely no reason, as Tobias
>also notes, to care about performance in the places where I replaced the
>sprintfs.
>
I'm not worrying about performance, only code simplicity.
> Actually, in one place the buffer length was one character too
>short (20 chars for a signed (possibly) 64-bit int, including the null
>character).
>
>
Now _that_ we do have to fix -- I'd suggest enlarging the buffer.
>Anyway, it is commited now as per approval by Tobias...
>
>
O.K. Just as long as none of those sprintfs are inside a loop. Standard
pool usage principles apply...
-- Brane
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Thu May 13 20:13:54 2004