Re: dynbuf: PR #5300
Date: Thu, 30 Apr 2020 23:44:52 +0200 (CEST)
On Thu, 30 Apr 2020, David Chapman via curl-library wrote:
>> https://github.com/curl/curl/pull/5300
>
> Years ago I got tired of sprintf() buffer overflow problems and wrote my own
> version of sprintf(), passing in a function pointer block. The first use
> was to reallocate sprintf() buffers on the fly; the second use was to
> sprintf() into C++ objects.
We basically have that already. The aprintf() implementation in curl returns
an allocated printf string, we also forbid the use of sprintf() and we have
our own snprintf() implementation.
Starting with this dynbuf PR, the aprintf() implementation is itself powered
by the new dynbuf functions.
> Naturally I think that dynbuf is a great idea. Won't have time to review
> its code, unfortunately.
Thanks. The good part with replacing a lot of old functionality with these new
functions is that they get are so fundamental they will be used and tested
extensively by just running the test suite on all platforms. Not saying bugs
can't happen still of course... Also a reason I want to land this PR early on
in the release cycle.
I've also sprinkled the new functions with assert checks to attempt to detect
API abuse better and easier in debug builds.
-- / daniel.haxx.se | Commercial curl support up to 24x7 is available! | Private help, bug fixes, support, ports, new features | https://www.wolfssl.com/contact/
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2020-04-30