> On Thu, May 23, 2013 at 05:05:45PM -0400, Ted Unangst wrote:
> > I was looking at mandoc and noticed it has too many strlcats (a common
> > affliction affecting quite a few programs.) It's faster and simpler to
> > use snprintf.
> 
> In glibc snprintf has a memory allocation failure mode.

In OpenBSD, snprintf is designed to be thread and signal-handler safe,
as long as you don't use certain dangerous features.  I'm afraid I
can't find documentation which defines which are dangerous or not, but
remember auditing our tree to improve the situation.

> I'm curious: is
> OpenBSD committed to avoiding extensions (locale features, etc) which might
> trigger allocation failure?

I don't know if we are committed to such a restriction.  We could add such
things, but then put them in the "dangerous" category, to not be used in
unsafe situations...

Hmm, where are our docs for that...
