author Eric Blake <eblake@redhat.com> 2010-08-18 17:31:39 -0600
committer Eric Blake <eblake@redhat.com> 2010-11-17 10:13:12 -0700
commit e8aba782e755760a77a8a35f9583e4e31995cda4
tree d379bdc0d19350916590dd6c131f326eb0d07f7d /HACKING
parent virt-aa-helper: translate error messages
maint: avoid remaining sprintf uses

* cfg.mk (sc_prohibit_sprintf): New rule. (sc_prohibit_asprintf): Avoid false positives.
* docs/hacking.html.in (Printf-style functions): Document the policy.
* HACKING: Regenerate.
* .x-sc_prohibit_sprintf: New exemptions.
* Makefile.am (syntax_check_exceptions): Ship new file.
* src/vbox/vbox_tmpl.c (vboxStartMachine, vboxAttachUSB): Use virAsprintf instead.
* src/uml/uml_driver.c (umlOpenMonitor): Use snprintf instead.
* tools/virsh.c (cmdDetachInterface): Likewise.
* src/security/security_selinux.c (SELinuxGenSecurityLabel): Likewise.
* src/openvz/openvz_driver.c (openvzDomainDefineCmd): Likewise, and ensure large enough buffer.
Diffstat (limited to 'HACKING')
-rw-r--r-- HACKING 6
1 files changed, 6 insertions, 0 deletions
diff --git a/HACKING b/HACKING
index 2711ea1e0..17ad34479 100644
--- a/HACKING
+++ b/HACKING
@@ -538,6 +538,12 @@ virAsprintf, in util.h:
This makes it so gcc's -Wformat and -Wformat-security options can do their
jobs and cross-check format strings with the number and types of arguments.
+When printing to a string, consider using virBuffer for incremental
+allocations, virAsprintf for a one-shot allocation, and snprintf for
+fixed-width buffers. Do not use sprintf, even if you can prove the buffer
+won't overflow, since gnulib does not provide the same portability guarantees
+for sprintf as it does for snprintf.
+
Use of goto
===========
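
Review bot: the added paragraph recommends snprintf for fixed-width buffers but does not say what a caller should do when the output does not fit. snprintf truncates silently and returns the length the full string would have needed, so the text should also tell callers to check the return value and treat a result that is negative or not smaller than the buffer size as an error. Since the commit message lists HACKING as regenerated, that extra sentence belongs in docs/hacking.html.in so the two files stay in sync.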