> The code in
>
>     gnulib/lib/vasnprintf.c
>
> line 4879 puts a format string containing a %n directive into
> writeable memory and subsequently passes that memory as a first
> argument to printf(3).
>
> Using %n at all is insecure programming practice. [...]

Please contact bug-gnu...@gnu.org and voice your concerns. Then report
back to this list.

> So my favourite solution would be to just stop using all the gnulib
> *printf* modules. I'm not aware of any portability problems they
> might help to solve, not even on historic systems like Solaris 9,
> but they most definitely cause severe portability and security issues
> on several operating systems, in particular on modern ones.
>
> What do you think?

Honestly, I don't like that at all. groff is a GNU project, and as such
it should use the full power of GNU stuff, and I consider 'gnulib' a
very powerful toolbox to get a consistent interface for as many
UNIX-like platforms as possible.

On the other hand, I'm no longer maintainer of groff, so please do what
you think is best. However, please bear in mind that groff *is* a GNU
project.

> Should I do testing without these three modules on OpenBSD, Linux,
> and various versions of Solaris to see if that improves matters?

As mentioned above, I think it's better to first contact the gnulib
people. Perhaps this saves you a lot of time, or they can assist you
in adjusting the code to work smoothly on BSD platforms, too, if
necessary.

    Werner
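The message quoted above objects to a format string containing %n being assembled in writable memory and then handed to printf(3). The reason %n is singled out is that it is the only printf directive that writes through one of its arguments: if an attacker can influence the format string, a %n lets them steer that write. The following is an added example, not code from groff or gnulib, showing a guard that a caller of a printf-style function can apply before forwarding any format string that did not come from a string literal. The names format_has_n and safe_snprintf are invented for this example.

```c
/* Added example (not groff or gnulib code): refuse to forward a
 * printf-style format string that contains a %n directive.
 * Names in this file are invented for the example. */
#include <errno.h>
#include <stdarg.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Scan FMT the way printf(3) does and report whether any conversion
 * specification is %n.  "%%" is a literal percent sign and is skipped.
 * Flags, field width, precision (including '*' and positional "m$"
 * forms) and length modifiers are consumed so that a %n hidden behind
 * them, e.g. "%5hhn", is still found. */
bool format_has_n(const char *fmt)
{
    for (const char *p = fmt; *p != '\0'; p++) {
        if (*p != '%')
            continue;
        p++;
        if (*p == '%')          /* "%%": literal percent, not a conversion */
            continue;
        /* flags, width, precision, positional argument markers */
        while (*p != '\0' && strchr("-+ #0'123456789.*$", *p) != NULL)
            p++;
        /* length modifiers: hh, h, l, ll, L, q, j, z, t */
        while (*p != '\0' && strchr("hlLqjzt", *p) != NULL)
            p++;
        if (*p == 'n')
            return true;
        if (*p == '\0')
            break;              /* truncated specification at end of string */
    }
    return false;
}

/* Format into BUF only if FMT carries no %n.  On a %n the call is
 * refused, errno is set to EINVAL and -1 is returned; otherwise the
 * return value is that of vsnprintf(3). */
int safe_snprintf(char *buf, size_t size, const char *fmt, ...)
{
    if (format_has_n(fmt)) {
        errno = EINVAL;
        return -1;
    }
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(buf, size, fmt, ap);
    va_end(ap);
    return n;
}

int main(void)
{
    char out[64];

    /* A format without %n is passed through unchanged. */
    int n = safe_snprintf(out, sizeof out, "%s=%d", "x", 42);
    printf("accepted: %d bytes: %s\n", n, out);

    /* A format assembled in a writable buffer, the pattern the message
     * above objects to.  Constructed for this example. */
    char fmt[32];
    strcpy(fmt, "%s");
    strcat(fmt, "%n");          /* would write through the next pointer argument */
    int count = 0;
    if (safe_snprintf(out, sizeof out, fmt, "x", &count) < 0)
        printf("refused: format contains %%n (errno=%d)\n", errno);
    return 0;
}
```

The guard is deliberately stricter than glibc's _FORTIFY_SOURCE check, which only aborts when a %n appears in a format string that lives in writable memory: following the quoted advice, it rejects %n regardless of where the format string is stored, so the legitimate "how many bytes did I write" use of %n has to be replaced by the return value of the printf call.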