Charles Levert <[EMAIL PROTECTED]> writes:

> GNU grep has many internationalized printf-format strings.

That's fine. In most environments if an attacker can gimmick up your locale, they can gimmick up your C library, which means you are in deep trouble anyway. If you are worried about security you should not let an attacker specify your locale, that's all.

> It also has such strings that do not contain any %s but that are yet
> passed as format-string argument to a printf-like function (such as
> error()); this can easily be remedied by use of a "%s" before the
> other string as format-string argument.

That's also fine, though not necessary if you know the strings lack %.

> It also has strings whose internationalization can be questioned,
> such as the whole copyright notice line (instead of just its "
> (C)"/" ©" part, which would have the added benefit of not changing
> from release to release).

I suggest using the gnulib <http://www.gnu.org/software/gnulib/> version-etc module, which does the equivalent of the following:

  /* Change this as needed */
  enum { COPYRIGHT_YEAR = 2005 };
  ...
  const char version_etc_copyright[] =
    /* Do *not* mark this string for translation.
       %s is a copyright symbol suitable for this locale,
       and %d is the copyright year.  */
    "Copyright %s %d Free Software Foundation, Inc.";
  ...
  /* TRANSLATORS: Translate "(C)" to the copyright symbol
     (C-in-a-circle), if this symbol is available in the
     user's locale.  Otherwise, do not translate "(C)"; leave
     it as-is.  */
  printf (version_etc_copyright, _("(C)"), COPYRIGHT_YEAR);
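The "%s" remedy discussed above, as an added example that is not code from this thread, from grep or from gnulib: a constructed translation table stands in for gettext's `_()` so the block runs without a message catalog, `is_literal_format` is a hypothetical check that flags a translated string which could not safely serve as a printf format, and `report` is the corrected pattern in which the translation is always an argument and the format string is a fixed "%s".

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for a gettext catalog: one translation that happens
   to contain a bare '%' (a realistic thing for a translator to type). */
struct entry { const char *msgid; const char *msgstr; };
static const struct entry catalog[] = {
    { "input file is 100% binary", "Eingabedatei ist 100% binaer" },
};

/* Hypothetical _(): return the translation, or the msgid when there is none. */
static const char *translate(const char *msgid)
{
    for (size_t i = 0; i < sizeof catalog / sizeof catalog[0]; i++)
        if (strcmp(catalog[i].msgid, msgid) == 0)
            return catalog[i].msgstr;
    return msgid;
}

/* Returns 1 if msg could be used verbatim as a printf format, i.e. every
   '%' is an escaped "%%"; 0 if it contains anything printf would parse as
   a conversion. Useful as a build-time or test-time check on .po files. */
int is_literal_format(const char *msg)
{
    for (const char *p = msg; *p; p++) {
        if (*p == '%') {
            if (p[1] != '%')
                return 0;   /* lone '%' -> printf would treat it as a spec */
            p++;            /* skip the second '%' of "%%" */
        }
    }
    return 1;
}

/* Corrected pattern: the translated text is passed as an argument to a
   constant "%s" format, so its contents are never interpreted.
   The risky form would be snprintf(buf, n, translate(msgid)), which hands
   the translation to printf as the format itself. Returns snprintf's count. */
int report(char *buf, size_t n, const char *msgid)
{
    return snprintf(buf, n, "%s", translate(msgid));
}
```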
