[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Need Help from a C expert



Andy Shevchenko <andy    > writes:
> > Nevermind, I fixed this problem by simply removing the vsnprintf
> > function from the source file.  It seems vsnprintf is a builtin system
> > function and there is no need to compile a new one.
> Due to security reasons the built in source function may be better than 
> system one. I think the security audit of that code should be passed.

No. Duplicating system functions is never a good idea for security! If you have 
a function in one location, it can be fixed once if it's broken. Who is going 
to track down the thousands of broken copies of vsnprintf.c if a bug is found 
in a commonly-copied implementation?

As for why the file doesn't build: -DFORTIFY_SOURCE defines vsnprintf as a 
macro in order to do additional security checks on it (see again why replacing 
system functions is not good for security?), so the function declaration (the 
header of the function definition, actually) gets macro-expanded too, which 
won't work. (The macro expansion expects to deal only with function uses, not 
function declarations/definitions.) The easiest fix is exactly what has been 
done: remove vsnprintf.c and just use the system one.

The reason the source code includes its own vsnprintf.c is that not all systems 
have vsnprintf, it's a C99 function. Fedora does have it, so vsnprintf.c is 
useless on Fedora.

        Kevin Kofler


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]