John Marriott wrote:

> I notice that there are a large number of calls to sprintf() sprinkled
> throughout the code (329 in the src directory in version 7.4.2361).
>
> Would it be worth changing these calls to vim_snprint() (or snprintf())?

vim_snprintf() is slower than sprintf(). And in the end it uses sprintf() to do its work. There might be a few more places where there is no guarantee that the buffer size is always sufficient; in those cases switching to vim_snprintf() is useful. But I would not blindly change all calls.

Also, I can't remember when we had an actual buffer overflow in sprintf(). It appears to be uncommon (compared to other illegal memory accesses that were reported).

--
hundred-and-one symptoms of being an internet addict:
230. You spend your Friday nights typing away at your keyboard

 /// Bram Moolenaar -- [email protected] -- http://www.Moolenaar.net   \\\
///        sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
\\\  an exciting new programming language -- http://www.Zimbu.org        ///
 \\\            help me help AIDS victims -- http://ICCF-Holland.org    ///
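
The distinction drawn in the reply above, as an added example that is not part of the thread and not code from Vim's source: one sprintf() call whose output length is bounded by its argument types, beside one with a "%s" argument where only a bounded call can guarantee the buffer is sufficient. The function names and INT_DEC_MAX are hypothetical, and standard C99 snprintf() stands in for vim_snprintf().

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>

/* Upper bound on the characters "%d" can produce for any int:
 * about 0.302 decimal digits per value bit, rounded up, plus the sign. */
#define INT_DEC_MAX (((sizeof(int) * CHAR_BIT - 1) * 302) / 1000 + 2)

/* Case 1: the output length is bounded by the argument types alone, so
 * sprintf() cannot overflow a buffer sized from that bound (two numbers,
 * one comma, one NUL). Returns the number of characters written. */
int format_line_col(char out[2 * INT_DEC_MAX + 2], int line, int col)
{
    return sprintf(out, "%d,%d", line, col);
}

/* Case 2: a "%s" argument of unknown length gives no such guarantee.
 * Format with a bound and report truncation instead of overflowing.
 * Returns 0 on success, -1 if the output did not fit or on error. */
int format_msg(char *out, size_t outlen, const char *fname, int line)
{
    int n = snprintf(out, outlen, "\"%s\" line %d", fname, line);

    if (n < 0 || (size_t)n >= outlen)
        return -1;  /* out is still NUL-terminated when outlen > 0 */
    return 0;
}

int main(void)
{
    char lc[2 * INT_DEC_MAX + 2];
    char msg[16];

    /* Worst case for case 1: both values at INT_MIN still fit. */
    format_line_col(lc, INT_MIN, INT_MIN);
    printf("%s\n", lc);

    /* Constructed sample input: a file name longer than the buffer. */
    if (format_msg(msg, sizeof msg, "a_very_long_file_name.c", 12) != 0)
        printf("truncated to: %s\n", msg);
    return 0;
}
```

A caller that treats the -1 return as an error never acts on a silently truncated string, which matters when the formatted text is later used as a path or command.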
