RFR: 8308071: [REDO] update for deprecated sprintf for src/utils

Mikael Vidstedt mikael at openjdk.org
Mon May 15 21:50:46 UTC 2023


On Mon, 15 May 2023 18:46:00 GMT, Xue-Lei Andrew Fan <xuelei at openjdk.org> wrote:

> Hi,
> 
> This is a redo of JDK-8307855, where issues were found after integration.
> 
> The sprintf is deprecated in Xcode 14, and Microsoft Virtual Studio, because of security concerns. The issue was addressed in [JDK-8296812](https://bugs.openjdk.org/browse/JDK-8296812) for building failure, and [JDK-8299378](https://bugs.openjdk.org/browse/JDK-8299378)/[JDK-8299635](https://bugs.openjdk.org/browse/JDK-8299635)/[JDK-8301132](https://bugs.openjdk.org/browse/JDK-8301132) for testing issues. This is a break-down update for sprintf uses in the src/utils directory.
> 
> Thanks,
> Xuelei

src/utils/hsdis/binutils/hsdis-binutils.c line 248:

> 246:   size_t used_size = strlen(close);
> 247:   char* p = buf + used_size;
> 248:   bufsize -= used_size;

May not happen in practice, but if `used_size` is larger than `bufsize` this will wrap to a very large value. Perhaps the `strcpy` above should also be an `snprintf`, and the return value handled the same way as for the subsequent `snprintf` calls?

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/13995#discussion_r1194394358
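
The `size_t` wrap raised in the review comment, next to an append helper that checks every `snprintf`-family return value before shrinking the remaining size. This is an added example, not code from hsdis-binutils.c or the PR; `unchecked_remaining`, `append_fmt` and `build_tag` are hypothetical names and the sample strings are constructed.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* The pattern from the review: with unsigned size_t, a used_size larger
 * than bufsize does not go negative, it wraps to a huge "remaining" size. */
static size_t unchecked_remaining(size_t bufsize, size_t used_size) {
  return bufsize - used_size;
}

/* Hypothetical helper: format at *p with *remaining bytes left.
 * Returns 0 on success, -1 on encoding error or truncation. The cursor and
 * the remaining size only move when the whole output (plus NUL) fit. */
static int append_fmt(char **p, size_t *remaining, const char *fmt, ...) {
  va_list ap;
  va_start(ap, fmt);
  int n = vsnprintf(*p, *remaining, fmt, ap);
  va_end(ap);
  if (n < 0 || (size_t)n >= *remaining) {
    return -1;
  }
  *p += n;
  *remaining -= (size_t)n;  /* cannot wrap: n < *remaining was checked */
  return 0;
}

/* Hypothetical caller: the first piece goes through the same checked path
 * instead of strcpy, so no subtraction is done on an unverified length. */
static int build_tag(char *buf, size_t bufsize, const char *prefix,
                     const char *key, const char *value) {
  char *p = buf;
  size_t remaining = bufsize;
  if (bufsize == 0) return -1;
  if (append_fmt(&p, &remaining, "%s", prefix) != 0 ||
      append_fmt(&p, &remaining, " %s='%s'", key, value) != 0) {
    buf[0] = '\0';  /* leave an empty string rather than partial output */
    return -1;
  }
  return 0;
}

int main(void) {
  char buf[32], small[8];  /* constructed sample buffers */
  printf("8 - 10 as size_t = %zu\n", unchecked_remaining(8, 10));
  printf("fits: %d\n", build_tag(buf, sizeof buf, "<insn", "name", "mov"));
  printf("too small: %d\n", build_tag(small, sizeof small, "<insn", "name", "mov"));
  return 0;
}
```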


