"Secure coding" audit checkers and Kerberos

Russ Allbery rra at stanford.edu
Wed Oct 15 14:51:52 EDT 2008

Jeffrey Hutzelman <jhutz at cmu.edu> writes:

> The simple answer here is that the return value of snprintf simply cannot
> be relied upon, unless it has been tested.  In fact, it's not just Solaris
> that returned -1 when the buffer is too small; they were just late to
> change.  Many platforms used to behave that way.  The same goes for the
> 0/0 call to determine the size, the results of which were undefined before
> C99.

Right, all my software that uses snprintf probes the return value in
Autoconf and then uses a replacement snprintf implementation if the return
value doesn't follow C99.

Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>

More information about the krbdev mailing list