J
jacob
You have the right to misread anything.
I did not misread, I quoted exactly what the committee answered.
You have a responsibility, as
a self-proclaimed expert. to think with something other than your
gonads.
You address none of the technical points I raised. You do not explain
why the committee specifies an obviously too small buffer and fails
to provide for upper limits. But you throw "thinking with your
gonads" into the discussion to provoke an emotional atmosphere and
take people away from the technical discussion... since you have
absolutely NO technical arguments to propose.
The response you quoted clearly encompasses a variety
of nicer behaviors than buffer overflow, but you neglect to take
them in.
Absolutely not since I cited them. What I do not accept is that
the commitee explicitely says that they would rather have an
IMPLICIT UB instead of adjusting the size of the buffer or
providing an upper limit explicitely.
The committee *accepts* that buffer overflow can occur in a
conforming implementation. The same is true of:
int a[10];
a[300] = 4;
Great! Since in C anything goes (see above) let's make things
worse. Let's put that in the standard then!
The committee provides code for very few functions. For unknown
reasons then, they decided to put code into the standard text
that contains a clear buffer overflow problem.
And they persist into their error. Changing that 26 to a number
based on sizeof(INT_MAX) is beyond them, even if there is a clear
proof of how the calculation is done.
Why?
I do not know. In general, Mr Plauger is somebody that
jas written software of good quality and his book about the
C library has been a good inspiration for me. For this reasons
his attitude now is even more incomprehensible.
jacob