From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 23715 invoked by alias); 29 Jul 2007 15:58:17 -0000 Received: (qmail 23686 invoked by uid 48); 29 Jul 2007 15:58:08 -0000 Date: Sun, 29 Jul 2007 15:58:00 -0000 Message-ID: <20070729155808.23685.qmail@sourceware.org> X-Bugzilla-Reason: CC References: Subject: [Bug libfortran/32858] printf-capabilities for runtime_error() In-Reply-To: Reply-To: gcc-bugzilla@gcc.gnu.org To: gcc-bugs@gcc.gnu.org From: "jb at gcc dot gnu dot org" Mailing-List: contact gcc-bugs-help@gcc.gnu.org; run by ezmlm Precedence: bulk List-Id: List-Archive: List-Post: List-Help: Sender: gcc-bugs-owner@gcc.gnu.org X-SW-Source: 2007-07/txt/msg02960.txt.bz2 ------- Comment #8 from jb at gcc dot gnu dot org 2007-07-29 15:58 ------- I had a look at your patch, and one thing which looks worrying is the use of sprintf all over the place. That's just a recipe for buffer overflows, especially when combined with %s formatting. I think Tobi's suggestion to use libiberty dyn-string is good. (In reply to comment #6) > There are also a few other issues with the incomplete patch. > vsnprintf can be replaced by __builtin_vsnprintf > on systems where it isn't available. Doesn't the compiler automatically take care of using builtin_vsnprintf? (In reply to comment #7) > I think I understand what's wrong with my patch now: The > stream initialized with init_error_stream was never flushed. > > I think I'll go with a naked write() call, which is > > a) simpler > > b) more robust. This will mess up the indices in unix_stream, no? I suppose you could get around that by flushing before writing, but that's the cardinal sin writing an I/O library: Never, ever, ever flush to fix a bug. And yes, we have committed this sin in multiple places in libgfortran. :( More generally, see PR25561 -- http://gcc.gnu.org/bugzilla/show_bug.cgi?id=32858