Andreas Schwab <[EMAIL PROTECTED]> wrote:
> Jim Meyering <[EMAIL PROTECTED]> writes:
>
>> Andreas Schwab <[EMAIL PROTECTED]> wrote:
>>> Jim Meyering <[EMAIL PROTECTED]> writes:
>>>
>>>> I'm interested, because I don't want my applications to segfault on such
>>>> inputs. Sure it may look a little far-fetched, but I think it's not.
>>>> Imagine such a bit pattern being injected into a network data stream
>>>> that is then printed as a long double. Just printing an arbitrary
>>>> "long double" should not make a server vulnerable to a DoS attack.
>>>
>>> In which way is this different from passing NULL to strlen?
>>
>> I'm surprised to hear you arguing that it is desirable for glibc's printf
>> implementation to segfault for a long-double with an unusual bit pattern.
>
> In which way is this different from printf("%s", (char*)1)?
Posing the question for printf("%s", NULL) wouldn't have made
the same point, Eh?
Just because standards leave it undefined doesn't mean
that "segfault" is the best response -- or even a "good" one.
Standards conformance is obviously not the issue here.
