> But the reason we did this was to reduce the amount of damage badly
> written signal handlers could do. Not to encourage people to actually
> use the *printf(3) family of functions in signal handlers.
Well... we had to use something..
> From: Theo de Raadt
> Date: Thu, 23 May 2013 21:38:57 -0600
>
> > On Thu, May 23, 2013 at 05:05:45PM -0400, Ted Unangst wrote:
> > > I was looking at mandoc and noticed it has too many strlcats (a common
> > > affliction affecting quite a few programs.) It's faster and simpler to
> > > use snpr
On Thu, May 23, 2013 at 09:38:57PM -0600, Theo de Raadt wrote:
> > On Thu, May 23, 2013 at 05:05:45PM -0400, Ted Unangst wrote:
> > > I was looking at mandoc and noticed it has too many strlcats (a common
> > > affliction affecting quite a few programs.) It's faster and simpler to
> > > use snprint
> It's in man signal.
>
> The only thing you can't use is floating point, because dtoa is crazy,
The *5 table, yes.
I tried to improve the situation there. I nearly lost my mind.
On Thu, May 23, 2013 at 21:38, Theo de Raadt wrote:
>> In glibc snprintf has a memory allocation failure mode.
>> I'm curious: is
>> OpenBSD committed to avoiding extensions (locale features, etc) which might
>> trigger allocation failure?
Yes. I mean, what in the world is snprintf doing allocati
> On Thu, May 23, 2013 at 05:05:45PM -0400, Ted Unangst wrote:
> > I was looking at mandoc and noticed it has too many strlcats (a common
> > affliction affecting quite a few programs.) It's faster and simpler to
> > use snprintf.
>
> In glibc snprintf has a memory allocation failure mode.
In Ope
On Thu, May 23, 2013 at 05:05:45PM -0400, Ted Unangst wrote:
> I was looking at mandoc and noticed it has too many strlcats (a common
> affliction affecting quite a few programs.) It's faster and simpler to
> use snprintf.
In glibc snprintf has a memory allocation failure mode. I'm curious: is
Ope
I was looking at mandoc and noticed it has too many strlcats (a common
affliction affecting quite a few programs.) It's faster and simpler to
use snprintf.
The code in roff.c was doing something twisty with the length argument
to strlcpy. Doing fancy length tricks kind of defeats the purpose of
ha
