RFR: 8303527: update for deprecated sprintf for jdk.hotspot.agent [v2]
Xue-Lei Andrew Fan
xuelei at openjdk.org
Thu Mar 2 23:30:17 UTC 2023
On Thu, 2 Mar 2023 19:31:46 GMT, Chris Plummer <cjplummer at openjdk.org> wrote:
>> Xue-Lei Andrew Fan has updated the pull request incrementally with two additional commits since the last revision:
>>
>> - one more correction
>> - correct mistakes
>
> src/jdk.hotspot.agent/windows/native/libsaproc/sawindbg.cpp line 188:
>
>> 186: const HRESULT hr = (v); \
>> 187: if (hr != S_OK) { \
>> 188: size_t errmsg_size = new char[strlen(str) + 32;
>
> This looks broken. I doubt it even compiles. Also, this is win32 so shouldn't be needed for xcode, although it doesn't hurt to fix.
Oops, I should avoid this mistake. Thanks you for the catching.
The sprintf function is deprecated for security concerns. If it is used, code readers may need to check if the usage is secure or not, which is not really necessary.
If I get it right, [the function is deprecated](https://learn.microsoft.com/en-us/cpp/c-runtime-library/reference/sprintf-sprintf-l-swprintf-swprintf-l-swprintf-l?view=msvc-170) in Microsoft C compiler as well. But it looks like the deprecation does not trigger a building failure yet.
-------------
PR: https://git.openjdk.org/jdk/pull/12837
More information about the serviceability-dev
mailing list