------- Comment #8 from jb at gcc dot gnu dot org 2007-07-29 15:58 ------- I had a look at your patch, and one thing which looks worrying is the use of sprintf all over the place. That's just a recipe for buffer overflows, especially when combined with %s formatting.
I think Tobi's suggestion to use libiberty dyn-string is good. (In reply to comment #6) > There are also a few other issues with the incomplete patch. > vsnprintf can be replaced by __builtin_vsnprintf > on systems where it isn't available. Doesn't the compiler automatically take care of using builtin_vsnprintf? (In reply to comment #7) > I think I understand what's wrong with my patch now: The > stream initialized with init_error_stream was never flushed. > > I think I'll go with a naked write() call, which is > > a) simpler > > b) more robust. This will mess up the indices in unix_stream, no? I suppose you could get around that by flushing before writing, but that's the cardinal sin writing an I/O library: Never, ever, ever flush to fix a bug. And yes, we have committed this sin in multiple places in libgfortran. :( More generally, see PR25561 -- http://gcc.gnu.org/bugzilla/show_bug.cgi?id=32858
