On Mon, 14 Nov 2022 19:44:17 GMT, Xue-Lei Andrew Fan <[email protected]> wrote:
>> Hi,
>>
>> May I have this update reviewed?
>>
>> The sprintf is deprecated in Xcode 14 because of security concerns, and the
>> use of it causing building failure. The build could pass if warnings are
>> disabled for codes that use sprintf method. For the long run, the sprintf
>> could be replaced with snprintf. This patch is trying to check if snprintf
>> could be used.
>>
>> Thanks,
>> Xuelei
>
> Xue-Lei Andrew Fan has updated the pull request incrementally with one
> additional commit since the last revision:
>
> delete swp file
Mostly okay. There are some places where the result from `os::snprintf` could
be used instead of a later `strlen`. Most of those are pre-existing (so could
be considered for later cleanups), but in at least one case there was a new
strlen call introduced, so making the code slightly worse.
src/hotspot/cpu/aarch64/vm_version_aarch64.cpp line 226:
> 224: char buf[512];
> 225: os::snprintf(buf, sizeof(buf), "0x%02x:0x%x:0x%03x:%d", _cpu,
> _variant, _model, _revision);
> 226: if (_model2) os::snprintf(buf+strlen(buf), sizeof(buf) - strlen(buf),
> "(0x%03x)", _model2);
Instead of using `strlen(buf)` (now called twice!) to get the number of
characters written, use the result of the first call to `os::snprintf`.
src/hotspot/os/bsd/attachListener_bsd.cpp line 251:
> 249: BsdAttachOperation* BsdAttachListener::read_request(int s) {
> 250: char ver_str[8];
> 251: os::snprintf(ver_str, sizeof(ver_str), "%d", ATTACH_PROTOCOL_VER);
We later use `strlen(ver_str)` where we could instead use the result of
`os::snprintf`.
src/hotspot/os/bsd/attachListener_bsd.cpp line 294:
> 292: (atoi(buf) != ATTACH_PROTOCOL_VER)) {
> 293: char msg[32];
> 294: os::snprintf(msg, sizeof(msg), "%d\n",
> ATTACH_ERROR_BADVERSION);
Rather than using `strlen(msg)` in the next line, use the result from
`os::snprintf`.
src/hotspot/os/bsd/attachListener_bsd.cpp line 414:
> 412: // write operation result
> 413: char msg[32];
> 414: os::snprintf(msg, sizeof(msg), "%d\n", result);
Rather than using strlen(msg) in the next line, use the result from
os::snprintf.
src/hotspot/share/classfile/javaClasses.cpp line 2532:
> 2530: // Print module information
> 2531: if (module_name != NULL) {
> 2532: buf_off = (int)strlen(buf);
`buf_off` could be the result of `os::snprintf` instead of calling `strlen`.
src/hotspot/share/code/dependencies.cpp line 780:
> 778: }
> 779: } else {
> 780: char xn[12]; os::snprintf(xn, sizeof(xn), "x%d", j);
Pre-existing very unusual formatting; put a line break between the statements.
-------------
Changes requested by kbarrett (Reviewer).
PR: https://git.openjdk.org/jdk/pull/11115
