
List:       busybox
Subject:    Re: [PATCH] Re: Possible Vulnerability in httpd.c
From:       Rob Landley <rob () landley ! net>
Date:       2016-11-24 16:27:25
Message-ID: db91c508-33e8-f12b-575a-b6070ad5d636 () landley ! net



On 11/23/2016 03:29 PM, Denys Vlasenko wrote:
> On Tue, Nov 22, 2016 at 5:07 PM, Rich Felker <dalias@libc.org> wrote:
>>> Different projects choose their paranoias differently.
>>> From its inception, bbox was paranoid about code size.
>>>
>>> If you see an actual bug where buffer can overflow,
>>> I'm more than willing to fix it.
>>>
>>> But if there is no actual bug, and it's just a general concern
>>> that "it looks unsafe", then code size trumps it.
>>
>> Have you stopped to consider the size from pulling in the deprecated
>> sprintf function to begin with? If all references to it were removed,
>> then static-linked busybox would only have snprintf, not sprintf. On
>> musl/i386 this would only save about 50 bytes but it might save more
>> on other archs or libcs.
> 
> I found nearly 200 instances of sprintf() use in current bbox git.
> I'm not embarking on a quest to replace all of them.

Why would sprintf() be deprecated? (Deprecated by who?)

If you know what data you're printing into your string, you should be
fine. If you don't know what data you're printing into it, randomly
truncating your output is its own kind of bug. And requiring an extra
argument every time just so you can randomly truncate your output seems
kinda silly.

Rob
_______________________________________________
busybox mailing list
busybox@busybox.net
http://lists.busybox.net/mailman/listinfo/busybox
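
The truncation concern raised in this message, as an added example that is not part of the original post and is not BusyBox code: `vsnprintf` returns the length the full output would need, so a caller can treat truncation as an error instead of passing on cut-off output. The helper names, buffer size and sample paths are assumptions constructed for illustration.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not BusyBox code): format into buf and report
 * truncation instead of silently returning cut-off output.
 * Returns the string length on success, -1 on truncation or error. */
static int checked_format(char *buf, size_t size, const char *fmt, ...)
{
    va_list ap;
    int n;

    va_start(ap, fmt);
    n = vsnprintf(buf, size, fmt, ap);  /* n = length the full output needs */
    va_end(ap);

    if (n < 0 || (size_t)n >= size) {
        if (size > 0)
            buf[0] = '\0';              /* never hand back a partial string */
        return -1;
    }
    return n;
}

/* Constructed sample: build a redirect header from a request path. */
static int build_location(char *buf, size_t size, const char *path)
{
    return checked_format(buf, size, "Location: %s/\r\n", path);
}

int main(void)
{
    char hdr[32];
    /* Constructed inputs: one that fits, one that does not. */
    const char *paths[] = { "/cgi-bin",
                            "/a/very/long/request/path/that/does/not/fit" };

    for (size_t i = 0; i < 2; i++) {
        if (build_location(hdr, sizeof(hdr), paths[i]) < 0)
            printf("rejected (would truncate): %s\n", paths[i]);
        else
            printf("ok: %s", hdr);
    }
    return 0;
}
```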