On Sun, 31 May 2026 at 16:05, Branko Čibej <[email protected]> wrote:

> On Sun, 31 May 2026, 15:01 Daniel Sahlberg, <[email protected]>
> wrote:
>
>> Hi,
>>
>> Even if Apple are incorrectly deprecating sprintf() and even if we know
>> that our string will fit in the allocated buffer... Is there a significant
>> drawback of just using snprintf()?
>>
>
>
> Yes, it's explained right there in the comment: apr_psprintf() ignores the
> locale, so the decimal separator isn't localised.
>

That's not quite what I meant. I saw the comment and I had no intention of
using the apr_-functions.

If I understand Apple's motivation correctly, they want to promote
snprintf()[3] instead of sprintf()[2]. A quick search revealed several
projects doing this change (one example is MariaDB[3]).



>
> I'd have to take another look at skel_test, it's possible that the use of
> snprintf() there could be replaced.
>

I already proposed a patch for filesize.c. How about this for the skel-test?

[[[
Index: subversion/tests/libsvn_subr/skel-test.c
===================================================================
--- subversion/tests/libsvn_subr/skel-test.c    (revision 1934787)
+++ subversion/tests/libsvn_subr/skel-test.c    (working copy)
@@ -314,7 +314,7 @@
     abort();

   /* Generate the length and separator character.  */
-  sprintf(buf, "%"APR_SIZE_T_FMT"%c", len, sep);
+  snprintf(buf, 100, "%"APR_SIZE_T_FMT"%c", len, sep);
   length_len = strlen(buf);

   /* Copy in the real data (which may contain nulls).  */
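Review bot: The bound passed to the new snprintf() call is a bare literal 100 with nothing in this hunk tying it to the size of buf, so a later change to the allocation would silently invalidate it; a named constant shared with the allocation would keep the two in step. The return value is also discarded and length_len still comes from strlen(buf), so a truncated prefix would go unnoticed. Consider assigning the snprintf() result, calling abort() (as the code just above already does) when it is negative or not below the bound, and using that result for length_len instead of strlen().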
]]]

buf is previously created as malloc(len + 100) so it is guaranteed to be at
least 100 bytes. It is later updated by appending data: memcpy(buf +
length_len, data, len) so we should make sure the output from s(n)printf
isn't longer than 99 bytes.

Cheers,
Daniel


[1] https://developer.apple.com/documentation/kernel/1441052-snprintf
[2] https://developer.apple.com/documentation/kernel/1441083-sprintf
[3] https://jira.mariadb.org/browse/MDEV-33714
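
The sizing argument in the message above, as an added example that is not part of the original mail or of Subversion's code: a length-prefixed buffer built with snprintf(), where the return value is used both to detect a truncated prefix and as the offset for the memcpy(). The helper make_prefixed() and its headroom parameter are hypothetical, and "%zu" stands in for APR_SIZE_T_FMT.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: build "<len><sep><data>" in a new buffer (caller frees).
   headroom is the space reserved for the prefix and its NUL (100 in the mail).
   Returns NULL if allocation fails or the prefix does not fit in headroom. */
static char *make_prefixed(const char *data, size_t len, char sep,
                           size_t headroom, size_t *total)
{
  char *buf;
  int n;

  if (len > (size_t)-1 - headroom)     /* len + headroom would wrap */
    return NULL;
  if ((buf = malloc(len + headroom)) == NULL)
    return NULL;

  /* snprintf returns the length it needed, excluding the NUL, so a value
     >= the bound means the prefix was cut short. */
  n = snprintf(buf, headroom, "%zu%c", len, sep);
  if (n < 0 || (size_t)n >= headroom)
    {
      free(buf);
      return NULL;
    }

  memcpy(buf + n, data, len);          /* data may contain NULs */
  *total = (size_t)n + len;
  return buf;
}

int main(void)
{
  size_t total = 0;
  /* Constructed sample input: five bytes with an embedded NUL. */
  char *ok = make_prefixed("ab\0cd", 5, ' ', 100, &total);
  char *cut = make_prefixed("ab\0cd", 5, ' ', 2, &total);

  printf("ok=%s total=%zu truncated=%s\n",
         ok ? "yes" : "no", total, cut ? "no" : "yes");
  free(ok);
  free(cut);
  return 0;
}
```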
