Hi Peter, Peter Bex <peter....@xs4all.nl> writes: > > In order to fix #566, I decided it's much easier to rip out the > HAVE_GCVT definition in Cygwin. After testing on several platforms, > it turns out that gcvt() is really not required, and it's deprecated > by POSIX as well. So we should probably stop using it anyway; this > also simplifies testing as it doesn't needlessly use different library > functions on different platforms. > > I tried to figure out why HAVE_GCVT was introduced in the first place, > but it goes all the way back to the very first commit in the NonGNU CVS > even. Felix mentioned that he seemed to recall that it had something > to do with making behaviour of the various Windows builds consistent > among eachother. > > However, I've tested all three Windows builds, and they all behave > equally well (or better) with s[n]printf() instead of gcvt(). We no > longer have a MSVC build, so the original problem probably was there, > or it was in an older version of Cygwin/MingW which has been fixed in > the meanwhile (it's been over 10 years, so a thing or two will have > changed there, as well!). If we ever regain a MSVC build, we can > look at restoring this code, but in the meanwhile I prefer the > simplicity of this solution. I was even able to get rid of the > MINGW hack just below the changed code!
wow, thanks going through all that trouble! Shedding some light on dusty corners like that is definitely a good idea to keep the code clean and to improve it, too. > I've also taken the opportunity to convert sprintf into a checked > snprintf. I'm not 100% sure but I don't think this requires a CVE > since you can't easily (at all?) cause over 4096 flonum digits to > get printed, and flonum-print-precision is rarely, if ever > user-controlled. Feel free to request a CVE if you disagree. I'm not sure about this either. I've pushed the patch though as it looks OK to me and all tests pass, too. I also grepped for "gcvt" afterwards and couldn't find traces of it anymore. Good riddance! Moritz _______________________________________________ Chicken-hackers mailing list Chicken-hackers@nongnu.org https://lists.nongnu.org/mailman/listinfo/chicken-hackers