Re: Releasing groff 1.22.5?

[Werner LEMBERG]

> The code in
>
>   gnulib/lib/vasnprintf.c
>
> line 4879 puts a format string containing a %n directive into
> writeable memory and subsequently passes that memory as a first
> argument to printf(3).
>
> Using %n at all is insecure programming practice.  [...]

Please contact bug-gnulib@gnu.org and voice your concerns.  Then
report back to this list.

> So my favourite solution would be to just stop using all the gnulib
> *printf* modules.  I'm not aware of any portability problems they
> might help to solve, not even on historic systems like Solaris 9,
> but they most definitly cause severe portability and security issues
> on several operating systems, in particular on modern ones.
>
> What do you think?

Honestly, I don't like that at all.  groff is a GNU project, and as
such it should use the full power of GNU stuff, and I consider
'gnulib' as a very powerful toolbox to get a consistent interface for
as much UNIX-like platforms as possible.

On the other hand, I'm no longer maintainer of groff, so please do
what you think is best.  However, please bear in mind that groff *is*
a GNU project.

> Should i do testing without these three modules on OpenBSD, Linux,
> and various versions of Solaris to see if that improves matters?

As mentioned above I think it's better to first contact the gnulib
people.  Perhaps this saves you a lot of time, or they can assist you
in adjusting the code to work smoothlessly on BSD platforms, too, if
necessary,


    Werner