Path: utzoo!utgpu!jarvis.csri.toronto.edu!rutgers!apple!oliveb!sun!eureka!argv
From: argv%eureka@Sun.COM (Dan Heller)
Newsgroups: comp.sources.bugs
Subject: Re: Bug in csh (history, "!a%100s"). Report and Fix.
Summary: An apology
Keywords: csh history format-string bug fix
Message-ID: <114074@sun.Eng.Sun.COM>
Date: 6 Jul 89 22:24:16 GMT
References: <113630@sun.Eng.Sun.COM> <771@sbsvax.UUCP>
Sender: news@sun.Eng.Sun.COM
Reply-To: island!argv@sun.com (Dan Heller)
Lines: 54

In article <771@sbsvax.UUCP> greim@sbsvax.UUCP (Michael Greim) writes:
> In article <113630@sun.Eng.Sun.COM>, argv%eureka@Sun.COM (Dan Heller) writes:
> > Why are people so stuck on using printf? Michael Greim finds a bug

Basically, I apologize for the "flame" that people seem to think I posted.
I wasn't flaming really. I just meant to point out that puts() will never
be slower than printf(), so to avoid "other bugs" (see below), it's safer
to use puts when that's what you really meant. Sorry, Michael.

> > As soon as there is a %s in the data written, you
> > just created a junk file. And this is also the type of bug that doesn't
> Normally one gets a core dump fairly quick.
> How can you create a file using
> fprintf ("%s", n);
> ? (Which is what I think you are writing about)
> And then there is lint ...

No, I was talking about the type of bug that lint can't catch. That is,
I see this type of usage all the time:

    ...
    send_to_file("this is a string");
    ...

    send_to_file(s)
    char *s;
    {
        extern FILE *fp;
        fprintf(fp, s);
    }

It is this type of bug that eventually catches up to you. For example,
a hypothetical mail program could extract the return address of a user
and try to print it:

    extern char *get_return_address();
    char *addr;
    addr = get_return_address(message_3);
    ...
    printf(addr);

Now, suppose the address that was returned was:

    argv%island@sun.com

What do you suppose will happen? This is the type of warning I was
trying to convey to people. Sorry if I implied anything else...

dan
-----
My postings reflect my opinion only -- not the opinion of any company.
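
An added example, not part of the post above: the send_to_file() pattern beside two corrected forms, run against a temporary file so the bytes that actually land in it can be compared. The names send_unsafe, send_safe, send_fmt and written, and the "load 100%%" string, are constructed for illustration; the address is the one from the post.

```c
#include <stdio.h>
#include <string.h>

/* The pattern from the post: the data itself is used as the format string. */
static void send_unsafe(FILE *fp, const char *s) { fprintf(fp, s); }

/* What was meant: write the bytes exactly as they are. */
static void send_safe(FILE *fp, const char *s) { fputs(s, fp); }

/* Equivalent fix when printf-style output is wanted: constant format, data as argument. */
static void send_fmt(FILE *fp, const char *s) { fprintf(fp, "%s", s); }

/* Run one sender against a temporary file and return what was written to it. */
static const char *written(void (*send)(FILE *, const char *), const char *s)
{
    static char buf[128];
    size_t n;
    FILE *fp = tmpfile();

    buf[0] = '\0';
    if (fp == NULL)
        return buf;
    send(fp, s);
    rewind(fp);
    n = fread(buf, 1, sizeof buf - 1, fp);
    buf[n] = '\0';
    fclose(fp);
    return buf;
}

int main(void)
{
    const char *addr = "argv%island@sun.com"; /* address from the post */
    const char *pct = "load 100%% of %%s";    /* constructed; only "%%" so the unsafe call stays defined */

    /* send_unsafe is deliberately never given addr: its "%i" would fetch
       an int argument that was never passed, which is undefined behavior. */
    printf("fputs  : %s\n", written(send_safe, addr));
    printf("\"%%s\"   : %s\n", written(send_fmt, addr));
    printf("unsafe : %s\n", written(send_unsafe, pct)); /* data comes out altered */
    printf("fputs  : %s\n", written(send_safe, pct));   /* data comes out unchanged */
    return 0;
}
```

Modern gcc and clang flag the send_unsafe call with -Wformat-security, which is the warning to treat as an error when auditing code for this pattern.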