Path: utzoo!utgpu!water!watmath!rbutterworth
From: rbutterworth@watmath.waterloo.edu (Ray Butterworth)
Newsgroups: comp.lang.c
Subject: Re: vsprintf considered dangerous
Message-ID: <18494@watmath.waterloo.edu>
Date: 25 Apr 88 14:19:50 GMT
References: <36@lotus.UUCP> <1219@ucsfcca.ucsf.edu> <18746@think.UUCP> <2543@geac.UUCP>
Organization: U of Waterloo, Ontario
Lines: 13

In article <2543@geac.UUCP>, daveb@geac.UUCP (David Collier-Brown) writes:
> In article <18746@think.UUCP> bromley@lysippe.think.com.UUCP (Mark Bromley) writes:
> | I have always disliked the sprintf and sscanf interface.  A somewhat different
> | interface would allow the standard functions to be used with complete error
> | checking in the case of io to/from strings.  
> If memory serves, one can do this on Honeywell GCOS machines,
> although probably only in "B" and not "C".  And no, I have no idea
> why...

The GCOS B and C libraries both take the fopen parameters
"ws", "rs", and "as", to mean that the "file-name" parameter is
really a pointer to an actual string to be written, read, or
appended to.  Unfortunately there is no check for overflow.