Re: [Libguestfs] RFC: *scanf vs. overflow

The context to this is that nbdkit uses sscanf to parse simple file formats in various places, eg: https://github.com/libguestfs/nbdkit/blob/b23f4f53cf71326f1dba481f64f7f18... https://github.com/libguestfs/nbdkit/blob/b23f4f53cf71326f1dba481f64f7f18... We can only do this safely where we can prove that overflow does not matter. In other cases we've had to change sscanf uses to strto* etc which is much more difficult to use correctly. Just look at how much code is required to wrap strto* functions to use them safely: https://github.com/libguestfs/nbdkit/blob/b23f4f53cf71326f1dba481f64f7f18... Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones Read my programming and virtualization blog: http://rwmj.wordpress.com virt-p2v converts physical machines to virtual machines. Boot with a live CD or over the network (PXE) and turn machines into KVM guests. http://libguestfs.org/virt-v2v