On Sun, Dec 28, 2008 at 12:42:46AM -0800, Kees Cook wrote: > Hi, > > I'd like to seek advice before I perform a mass-bug filing for this > unstable (though semi-common) use of "sprintf" and "snprintf": [...] > pcregrep -M 'sprintf\s*\(\s*([^,]*)\s*,\s*"%s[^"]*"\s*,\s*\1\s*,'
While fixing one of the affected packages, I discovered that it was using similarly problematic syntax to act as a strcat replacement of the form 'sprintf(buf, "%s\n", buf)', which that regexp didn't catch. I can't imagine that's a common mistake, but it's easy enough to match on as well: pcregrep -M 'sprintf\s*\(\s*([^,]*)\s*,\s*"%s[^"]*"\s*,\s*\1\s*[,)]' > gabedit > gromacs > openbabel All pending upload, thanks. -- Nicholas Breen nbr...@ofb.net -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
