make(1): refuse to use vsnprintf that is prone to buffer overflows

Several parts of make intentionally depend on the guarantee that snprintf and vsnprintf do not overflow their buffer. If an implementation cannot provide this guarantee, refuse to use it.
2020-12-05 17:25:41 +00:00 · 2020-12-05 17:25:41 +00:00 · e5d879283b
commit e5d879283b
parent c09eaa11ae
1 changed files with 3 additions and 4 deletions
--- a/usr.bin/make/util.c
+++ b/usr.bin/make/util.c
@ -1,4 +1,4 @@
-/*	$NetBSD: util.c,v 1.70 2020/11/23 23:41:11 rillig Exp $	*/
+/*	$NetBSD: util.c,v 1.71 2020/12/05 17:25:41 rillig Exp $	*/

 /*
 * Missing stuff from OS's
@ -15,7 +15,7 @@

 #include "make.h"

-MAKE_RCSID("$NetBSD: util.c,v 1.70 2020/11/23 23:41:11 rillig Exp $");
+MAKE_RCSID("$NetBSD: util.c,v 1.71 2020/12/05 17:25:41 rillig Exp $");

 #if !defined(MAKE_NATIVE) && !defined(HAVE_STRERROR)
 extern int errno, sys_nerr;
@ -378,8 +378,7 @@ vsnprintf(char *s, size_t n, const char *fmt, va_list args)
 	    fakebuf._cnt = 0;
 	return n - fakebuf._cnt - 1;
 #else
-	(void)vsprintf(s, fmt, args);
-	return strlen(s);
+	::: "error: vsnprintf must be available";
 #endif
 }