> From: Theo de Raadt <dera...@cvs.openbsd.org> > Date: Thu, 23 May 2013 21:38:57 -0600 > > > On Thu, May 23, 2013 at 05:05:45PM -0400, Ted Unangst wrote: > > > I was looking at mandoc and noticed it has too many strlcats (a common > > > affliction affecting quite a few programs.) It's faster and simpler to > > > use snprintf. > > > > In glibc snprintf has a memory allocation failure mode. > > In OpenBSD, snprintf is designed to be thread and signal-handler safe, > as long as you don't use certain dangerous features. I'm afraid I > can't find documentation which defines which are dangerous or not, but > remember auditing our tree to improve the situation.
But the reason we did this was to reduce the amount of damage badly written signal handlers could do. Not to encourage people to actually use the *printf(3) family of functions in signal handlers.
