Hi,
On 2022-10-15 18:47:16 -0400, Tom Lane wrote:
> I wrote:
> > Andres Freund <andres@anarazel.de> writes:
> >> [24/2258] Compiling C object src/port/libpgport_srv.a.p/snprintf.c.o
> >> ../../../src/postgres/src/port/snprintf.c:1002:11: warning: 'sprintf' is deprecated: This function is provided for
compatibilityreasons only. Due to security concerns inherent in the design of sprintf(3), it is highly recommended
thatyou use snprintf(3) instead. [-Wdeprecated-declarations]
>
> > Originally we used the platform's sprintf there because we couldn't
> > rely on platforms having functional snprintf. That's no longer the case,
> > I imagine, so we could just switch these calls over to snprintf. I'm
> > kind of surprised that we haven't already been getting the likes of
> > this warning from, eg, OpenBSD.
Is there a platform still supported in older branches that we need to worry
about?
> The attached seems enough to silence it for me.
>
> Should we back-patch this?
Probably, but not sure either. We could just let it stew in HEAD for a while.
> I suppose, but how far? It seems to fall under the rules we established for
> back-patching into out-of-support branches, ie it silences compiler warnings
> but shouldn't change any behavior. But it feels like a bigger change than
> most of the other things we've done that with.
I wonder if we ought to add -Wno-deprecated to out-of-support branches to deal
with this kind of thing...
Greetings,
Andres Freund