On Thu, May 23, 2013 at 21:38, Theo de Raadt wrote: >> In glibc snprintf has a memory allocation failure mode.
>> I'm curious: is >> OpenBSD committed to avoiding extensions (locale features, etc) which might >> trigger allocation failure? Yes. I mean, what in the world is snprintf doing allocating some locale crap to implement a behavior that strlcat clearly doesn't need to allocate memory for? > > I don't know if we are commited to such a restriction. We could add such > things, but then put them in the "dangerous" catagory, to not be used in > unsafe situations... > > Hmm, where are our docs for that... It's in man signal. The only thing you can't use is floating point, because dtoa is crazy, but I think it'd even be possible to pass the buffer in from vfprintf and make that signal safe too. Just nobody cares.
