> Why would you want to artificially make the function diverge > from the spec?
Because %n make it easy to convert a not-uncommon format string bug into a code injection. Thus, poses a significant security vulnerability. Since it's an obscure and rarely-used feature, it is straightforward to eliminate all users in the Linux kernel, making removing it possible. I agree that if it were harmless, it would be useful to leave it implemented just for simplicity (it's a trivial amount of code), but it's not harmless. > People shouldn't be caught by surprises if at all > possible, and one can certainly not expect people to go look at > the comment before the function implementation to find out > what basic (standard) features _do not_ work (one can expect > so when trying to find out about _extensions_). This is why people propose implementing it as a kernel warning. Strongly support this change. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
