Branch: refs/heads/master
Home: https://github.com/Starlink/starlink
Commit: e44b3b9d893d3afd718d7b1f294aee0bb9467619
https://github.com/Starlink/starlink/commit/e44b3b9d893d3afd718d7b1f294aee0bb9467619
Author: Tim Jenness <[log in to unmask]>
Date: 2012-09-06 (Thu, 06 Sep 2012)
Changed paths:
M libraries/hds/dat1_init_ndr.c
M libraries/hds/datinq.c
M libraries/hds/dattemp.c
M libraries/hds/daucnv.c
M libraries/hds/hdstools.c
Log Message:
-----------
hds: No longer use %n in formats
New apple clang refuses to compile code that uses %n
error: use of '%n' in format string discouraged (potentially insecure)
This was used in many places in HDS in order to record the length
of formatted strings but is deemed to be a very risky thing to
do these days.
Given that the %n always came at the end of the buffer the irony
is that the code is much much cleaner simply by realising that
sprintf/snprintf returns the number of characters that were
filled in, which was exactly what we wanted any way (and the
code was actively ignoring the return value).
See also http://en.wikipedia.org/wiki/Format_string_attack
|