Re: macos ventura SDK spews warnings - Mailing list pgsql-hackers
From | Tom Lane |
---|---|
Subject | Re: macos ventura SDK spews warnings |
Date | |
Msg-id | 1605190.1665874036@sss.pgh.pa.us |
In response to | Re: macos ventura SDK spews warnings (Tom Lane <tgl@sss.pgh.pa.us>) |
Responses | Re: macos ventura SDK spews warnings |
List | pgsql-hackers |
I wrote:
> Andres Freund <andres@anarazel.de> writes:
>> [24/2258] Compiling C object src/port/libpgport_srv.a.p/snprintf.c.o
>> ../../../src/postgres/src/port/snprintf.c:1002:11: warning: 'sprintf' is deprecated: This function is provided for compatibility reasons only. Due to security concerns inherent in the design of sprintf(3), it is highly recommended that you use snprintf(3) instead. [-Wdeprecated-declarations]

> Originally we used the platform's sprintf there because we couldn't
> rely on platforms having functional snprintf. That's no longer the case,
> I imagine, so we could just switch these calls over to snprintf. I'm
> kind of surprised that we haven't already been getting the likes of
> this warning from, eg, OpenBSD.

The attached seems enough to silence it for me.

Should we back-patch this? I suppose, but how far? It seems to fall under the rules we established for back-patching into out-of-support branches, ie it silences compiler warnings but shouldn't change any behavior. But it feels like a bigger change than most of the other things we've done that with.

regards, tom lane

diff --git a/src/port/snprintf.c b/src/port/snprintf.c index e037cf0a88..81d9c8c274 100644 --- a/src/port/snprintf.c +++ b/src/port/snprintf.c @@ -998,8 +998,8 @@ fmtptr(const void *value, PrintfTarget *target) int vallen; char convert[64]; - /* we rely on regular C library's sprintf to do the basic conversion */ - vallen = sprintf(convert, "%p", value); + /* we rely on regular C library's snprintf to do the basic conversion */ + vallen = snprintf(convert, sizeof(convert), "%p", value); if (vallen < 0) target->failed = true; else 
@@ -1149,11 +1149,11 @@ fmtfloat(double value, char type, int forcesign, int leftjust, int padlen; /* amount to pad with spaces */ /* - * We rely on the regular C library's sprintf to do the basic conversion, + * We rely on the regular C library's snprintf to do the basic conversion, * then handle padding considerations here. * * The dynamic range of "double" is about 1E+-308 for IEEE math, and not - * too wildly more than that with other hardware. In "f" format, sprintf + * too wildly more than that with other hardware. In "f" format, snprintf * could therefore generate at most 308 characters to the left of the * decimal point; while we need to allow the precision to get as high as * 308+17 to ensure that we don't truncate significant digits from very @@ -1205,14 +1205,14 @@ fmtfloat(double value, char type, int forcesign, int leftjust, fmt[2] = '*'; fmt[3] = type; fmt[4] = '\0'; - vallen = sprintf(convert, fmt, prec, value); + vallen = snprintf(convert, sizeof(convert), fmt, prec, value); } else { fmt[0] = '%'; fmt[1] = type; fmt[2] = '\0'; - vallen = sprintf(convert, fmt, value); + vallen = snprintf(convert, sizeof(convert), fmt, value); } if (vallen < 0) goto fail; @@ -1341,7 +1341,7 @@ pg_strfromd(char *str, size_t count, int precision, double value) fmt[2] = '*'; fmt[3] = 'g'; fmt[4] = '\0'; - vallen = sprintf(convert, fmt, precision, value); + vallen = snprintf(convert, sizeof(convert), fmt, precision, value); if (vallen < 0) { target.failed = true;
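Review bot: in the fmtptr hunk (@@ -998), the test after the new snprintf call is still only vallen < 0, which misses truncation. Unlike sprintf, snprintf returns the length the output would have had when it does not fit, so a result of sizeof(convert) or more means convert holds a cut-off string while vallen overstates its length. "%p" should never need 64 bytes, but the code after the else (not shown in the hunk) presumably takes vallen as the length of convert, so it is cheap to also set target->failed when vallen >= (int) sizeof(convert).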
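Review bot: the fmtfloat comment hunk (@@ -1149) only swaps the function name, yet the sizing argument in that comment (at most 308 characters left of the decimal point, precision up to 308+17) is what justified an unbounded sprintf in the first place. Now that the call is bounded, the comment should say that the buffer is still expected to be large enough and state what the function does if snprintf reports a longer result.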
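Review bot: in the fmtfloat call hunk (@@ -1205), both new snprintf calls feed the single test "if (vallen < 0) goto fail;", which does not catch a return value of sizeof(convert) or more. Extending that one test to also take the fail path when vallen >= (int) sizeof(convert) covers both branches and turns the buffer-size assumption into a checked invariant.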
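Review bot: in the pg_strfromd hunk (@@ -1341), precision is a caller-supplied argument passed to the '*' in the "g" format, and the lines shown contain no bound on it. If it is not clamped above this hunk, snprintf can now return more than sizeof(convert) without vallen going negative, so the check should set target.failed for vallen >= (int) sizeof(convert) as well as for vallen < 0.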