RFR: 8296812: sprintf is deprecated in Xcode 14 [v6]

Kim Barrett kbarrett at openjdk.org
Tue Nov 15 07:32:36 UTC 2022


On Mon, 14 Nov 2022 19:44:17 GMT, Xue-Lei Andrew Fan <xuelei at openjdk.org> wrote:

>> Hi,
>> 
>> May I have this update reviewed?
>> 
>> The sprintf is deprecated in Xcode 14 because of security concerns, and the use of it causes build failures.  The build could pass if warnings are disabled for code that uses the sprintf method.  For the long run, the sprintf could be replaced with snprintf.  This patch is trying to check if snprintf could be used.
>> 
>> Thanks,
>> Xuelei
>
> Xue-Lei Andrew Fan has updated the pull request incrementally with one additional commit since the last revision:
> 
>   delete swp file

Mostly okay.  There are some places where the result from `os::snprintf` could be used instead of a later `strlen`.  Most of those are pre-existing (so could be considered for later cleanups), but in at least one case there was a new strlen call introduced, so making the code slightly worse.

src/hotspot/cpu/aarch64/vm_version_aarch64.cpp line 226:

> 224:   char buf[512];
> 225:   os::snprintf(buf, sizeof(buf), "0x%02x:0x%x:0x%03x:%d", _cpu, _variant, _model, _revision);
> 226:   if (_model2) os::snprintf(buf+strlen(buf), sizeof(buf) - strlen(buf), "(0x%03x)", _model2);

Instead of using `strlen(buf)` (now called twice!) to get the number of characters written, use the result of the first call to `os::snprintf`.

src/hotspot/os/bsd/attachListener_bsd.cpp line 251:

> 249: BsdAttachOperation* BsdAttachListener::read_request(int s) {
> 250:   char ver_str[8];
> 251:   os::snprintf(ver_str, sizeof(ver_str), "%d", ATTACH_PROTOCOL_VER);

We later use `strlen(ver_str)` where we could instead use the result of `os::snprintf`.

src/hotspot/os/bsd/attachListener_bsd.cpp line 294:

> 292:               (atoi(buf) != ATTACH_PROTOCOL_VER)) {
> 293:             char msg[32];
> 294:             os::snprintf(msg, sizeof(msg), "%d\n", ATTACH_ERROR_BADVERSION);

Rather than using `strlen(msg)` in the next line, use the result from `os::snprintf`.

src/hotspot/os/bsd/attachListener_bsd.cpp line 414:

> 412:   // write operation result
> 413:   char msg[32];
> 414:   os::snprintf(msg, sizeof(msg), "%d\n", result);

Rather than using `strlen(msg)` in the next line, use the result from `os::snprintf`.

src/hotspot/share/classfile/javaClasses.cpp line 2532:

> 2530:   // Print module information
> 2531:   if (module_name != NULL) {
> 2532:     buf_off = (int)strlen(buf);

`buf_off` could be the result of `os::snprintf` instead of calling `strlen`.

src/hotspot/share/code/dependencies.cpp line 780:

> 778:       }
> 779:     } else {
> 780:       char xn[12]; os::snprintf(xn, sizeof(xn), "x%d", j);

Pre-existing very unusual formatting; put a line break between the statements.

-------------

Changes requested by kbarrett (Reviewer).

PR: https://git.openjdk.org/jdk/pull/11115
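
The pattern requested in the review comments above, as an added example that is not part of the original message or of the HotSpot sources: the formatting call's return value advances the write offset, so no `strlen` is needed, and truncation is checked before the offset is reused. It assumes C99 `vsnprintf` semantics in place of `os::snprintf`; `append_fmt`, `format_cpu` and the sample values are hypothetical.

```cpp
// Added example, not HotSpot code: C99 vsnprintf stands in for os::snprintf.
#include <cstdarg>
#include <cstddef>
#include <cstdio>
#include <cstring>

// Append formatted text at buf + *off and advance *off by the formatting
// call's own return value instead of calling strlen(buf) afterwards.
// Returns false on an encoding error or truncation; *off then indexes the
// terminating NUL, so a later append can never point past the buffer.
static bool append_fmt(char* buf, size_t size, size_t* off, const char* fmt, ...) {
  if (size == 0 || *off >= size) return false;   // no room, not even for NUL
  va_list ap;
  va_start(ap, fmt);
  int n = vsnprintf(buf + *off, size - *off, fmt, ap);
  va_end(ap);
  if (n < 0) { buf[*off] = '\0'; return false; } // encoding error
  if ((size_t)n >= size - *off) {                // C99: n is the length needed
    *off = size - 1;                             // output was cut, NUL is last
    return false;
  }
  *off += (size_t)n;
  return true;
}

// Hypothetical stand-in for the vm_version_aarch64.cpp lines quoted above;
// the values are parameters here rather than VM_Version fields.
static size_t format_cpu(char* buf, size_t size, int cpu, int variant,
                         int model, int model2, int revision) {
  size_t off = 0;
  bool ok = append_fmt(buf, size, &off, "0x%02x:0x%x:0x%03x:%d",
                       cpu, variant, model, revision);
  if (ok && model2 != 0) {
    append_fmt(buf, size, &off, "(0x%03x)", model2);
  }
  return off;  // number of characters now in buf
}

int main() {
  char buf[512];
  // Constructed sample values.
  size_t len = format_cpu(buf, sizeof(buf), 0x41, 0x1, 0xd0c, 0xd40, 1);
  printf("%zu (strlen says %zu): %s\n", len, strlen(buf), buf);
  return 0;
}
```

Using the raw return value as an offset without the truncation check is unsafe with C99 semantics, because on truncation it reports the length that would have been written, which can exceed the remaining space.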

