diff options
| author |   deraadt <deraadt@openbsd.org> | 2019-06-26 21:13:23 +0000 |
|---|---|---|
| committer | deraadt <deraadt@openbsd.org> | 2019-06-26 21:13:23 +0000 |
| commit | ae51a5c21f8390b497d9b39f1c2ebe338c0969b3 (patch) | |
| tree | 326e1add24960703ecdae2962b0c04c9dbabaaf1 /lib/libc/stdio/printf.3 | |
| parent | Use timeout_add_msec(9) (diff) | |
| download | wireguard-openbsd-ae51a5c21f8390b497d9b39f1c2ebe338c0969b3.tar.xz wireguard-openbsd-ae51a5c21f8390b497d9b39f1c2ebe338c0969b3.zip | |
The POSIX-compatible way of checking for {v,}{f,s,sn,d}printf(3)
failure is with < 0, not the more specific -1 from C
discussed at length with millert, nicm, schwarze
Diffstat (limited to 'lib/libc/stdio/printf.3')
| -rw-r--r-- | lib/libc/stdio/printf.3 | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/lib/libc/stdio/printf.3 b/lib/libc/stdio/printf.3 index 236c7dbc6fd..c87c8024c38 100644 --- a/lib/libc/stdio/printf.3 +++ b/lib/libc/stdio/printf.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: printf.3,v 1.79 2019/01/16 12:55:49 schwarze Exp $ +.\" $OpenBSD: printf.3,v 1.80 2019/06/26 21:13:23 deraadt Exp $ .\" .\" Copyright (c) 1990, 1991, 1993 .\" The Regents of the University of California. All rights reserved. @@ -33,7 +33,7 @@ .\" .\" @(#)printf.3 8.1 (Berkeley) 6/4/93 .\" -.Dd $Mdocdate: January 16 2019 $ +.Dd $Mdocdate: June 26 2019 $ .Dt PRINTF 3 .Os .Sh NAME @@ -147,7 +147,8 @@ is zero, may be a null pointer and no characters will be written; the number of bytes that would have been written excluding the terminating .Ql \e0 -byte, or \-1 on error, will be returned. +byte, or \-1 on error, will be returned (but due to an weakness in POSIX +should be checked with < 0). .Pp .Fn sprintf and @@ -876,7 +877,7 @@ for later interpolation by Be sure to use the proper secure idiom: .Bd -literal -offset indent int ret = snprintf(buffer, sizeof(buffer), "%s", string); -if (ret == -1 || ret >= sizeof(buffer)) +if (ret < 0 || ret >= sizeof(buffer)) goto toolong; .Ed .Pp |