[PATCH] sscanf.3: Remove term 'deprecated', and expand BUGS

Linux-man Archive mirror
 help / color / mirror / Atom feed

From: Alejandro Colomar <alx@kernel.org>
To: linux-man@vger.kernel.org
Cc: Alejandro Colomar <alx@kernel.org>,
	Lee Griffiths <poddster@gmail.com>,
	Zack Weinberg <zack@owlfolio.org>
Subject: [PATCH] sscanf.3: Remove term 'deprecated', and expand BUGS
Date: Wed, 6 Dec 2023 15:52:34 +0100	[thread overview]
Message-ID: <20231206145132.5538-2-alx@kernel.org> (raw)

[-- Attachment #1: Type: text/plain, Size: 3202 bytes --]

Several programmers have been confused about this use of 'deprecated'.

Also, maximum field width can be used with these fields to mitigate the
problem.  Still, it's only a mitigation, since it limits the number of
characters read, but that means an input of LONG_MAX+1 --which takes up
the same number of characters than LONG_MAX-- would still cause UB; or
one can limit that to well below the limit of UB, but then you
artificially invalidate valid input.  No good way to avoid UB with
sscanf(3), but it's not necessarily bad with trusted input (and
strtol(3) isn't the panacea either; strtoi(3) is good, though, but not
standard).

Try to be more convincing in BUGS instead.

Link: <https://stackoverflow.com/questions/77601832/man-sscanf-d-is-deprecated-in-c-or-glibc/>
Cc: Lee Griffiths <poddster@gmail.com>
Cc: Zack Weinberg <zack@owlfolio.org>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
---

Hi Lee!

Thanks for the report.  After seeing how much frustration it has caused,
I propose this change.  Does it look good to you?

Thanks,
Alex

 man3/sscanf.3 | 15 ++-------------
 1 file changed, 2 insertions(+), 13 deletions(-)

diff --git a/man3/sscanf.3 b/man3/sscanf.3
index 2211cab7d..4c0bdc318 100644
--- a/man3/sscanf.3
+++ b/man3/sscanf.3
@@ -359,7 +359,6 @@ .SS Conversions
 and assignment does not occur.
 .TP
 .B d
-.IR Deprecated .
 Matches an optionally signed decimal integer;
 the next pointer must be a pointer to
 .IR int .
@@ -374,7 +373,6 @@ .SS Conversions
 .\" is silently ignored, causing old programs to fail mysteriously.)
 .TP
 .B i
-.IR Deprecated .
 Matches an optionally signed integer; the next pointer must be a pointer to
 .IR int .
 The integer is read in base 16 if it begins with
@@ -387,18 +385,15 @@ .SS Conversions
 Only characters that correspond to the base are used.
 .TP
 .B o
-.IR Deprecated .
 Matches an unsigned octal integer; the next pointer must be a pointer to
 .IR "unsigned int" .
 .TP
 .B u
-.IR Deprecated .
 Matches an unsigned decimal integer; the next pointer must be a
 pointer to
 .IR "unsigned int" .
 .TP
 .B x
-.IR Deprecated .
 Matches an unsigned hexadecimal integer
 (that may optionally begin with a prefix of
 .I 0x
@@ -409,33 +404,27 @@ .SS Conversions
 .IR "unsigned int" .
 .TP
 .B X
-.IR Deprecated .
 Equivalent to
 .BR x .
 .TP
 .B f
-.IR Deprecated .
 Matches an optionally signed floating-point number; the next pointer must
 be a pointer to
 .IR float .
 .TP
 .B e
-.IR Deprecated .
 Equivalent to
 .BR f .
 .TP
 .B g
-.IR Deprecated .
 Equivalent to
 .BR f .
 .TP
 .B E
-.IR Deprecated .
 Equivalent to
 .BR f .
 .TP
 .B a
-.IR Deprecated .
 (C99) Equivalent to
 .BR f .
 .TP
@@ -661,8 +650,8 @@ .SS Numeric conversion specifiers
 programs should use functions such as
 .BR strtol (3)
 to parse numeric input.
-This manual page deprecates use of the numeric conversion specifiers
-until they are fixed by ISO C.
+Alternatively,
+mitigate it by specifying a maximum field width.
 .SS Nonstandard modifiers
 These functions are fully C99 conformant, but provide the
 additional modifiers
-- 
2.42.0


[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

next             reply	other threads:[~2023-12-06 14:52 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-12-06 14:52 Alejandro Colomar [this message]
2023-12-06 16:36 ` [PATCH] sscanf.3: Remove term 'deprecated', and expand BUGS Alejandro Colomar
2023-12-06 18:33   ` Matthew House
2023-12-06 20:17     ` Alejandro Colomar
2023-12-06 20:45       ` Matthew House
2023-12-06 20:54         ` Matthew House
2023-12-06 21:12         ` Alejandro Colomar
     [not found] ` <CAKXok1GQvKi2HiBU89CSd+KF_dd9+mOMVhHrMKAVLLwcyJDN2g@mail.gmail.com>
2023-12-07 21:50   ` Fwd: " Lee Griffiths
2023-12-09 11:55     ` Alejandro Colomar

find likely ancestor, descendant, or conflicting patches for this message:
dfblob:2211cab7 dfblob:4c0bdc31
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20231206145132.5538-2-alx@kernel.org \
    --to=alx@kernel.org \
    --cc=linux-man@vger.kernel.org \
    --cc=poddster@gmail.com \
    --cc=zack@owlfolio.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).