At Mon, 14 Apr 2003 20:48:08 -0500, Debian Bug Tracking System wrote: > > reassign 182277 glibc > Bug#182277: gcc-3.2: Should print a warning when using (v)sprintf. > Bug reassigned from package `binutils' to `glibc'. > > > tags 182277 patch > Bug#182277: gcc-3.2: Should print a warning when using (v)sprintf. > There were no tags set. > Tags added: patch
Julien, you have to answer Matt Zimmerman's question: > gets() is _inherently_ insecure (there is no way to prevent it from writing > beyond the end of the buffer), and so it should never be used. It is > perfectly possible, however, to use sprintf and vsprintf securely, and > sometimes good (portability) reasons to do so. > > So this kind of warning is not appropriate for sprintf nor vsprintf. I agree his opinion. Please tell me the reason. If you don't have any strong reasons, then only I close it. Moreover, how many programs are this warning affected? Regards, -- gotom
