vsprintf considered dangerous

[Chris Torek]

In article <18746 at think.UUCP> bromley at think.COM (Mark Bromley) writes:
>... A somewhat different interface would allow the standard functions
>to be used with complete error checking in the case of io to/from
>strings.  In the context of stdio, what would be provided is an sopen
>function, which is given a buffer and its size and returns a stream in
>which i/o is done directly to the buffer.

% grep open /usr/include/stdio.h
#define	_IORW	0400		/* open for reading & writing */
extern FILE *fdopen(int fd, const char *type);
extern FILE *fopen(const char *name, const char *type);
extern FILE *freopen(const char *name, const char *type, FILE *stream);
extern FILE *popen(const char *name, const char *type);
extern FILE *fmemopen(char *addr, unsigned int len, const char *mode);
extern FILE *funopen(const void *cookie,
#define	fropen(cookie, fn) funopen(cookie, fn, 0, 0, 0)
#define fwopen(cookie, fn) funopen(cookie, 0, fn, 0, 0)

[non-prototype version deleted.  funopen is:
	FILE *funopen(const void *cookie,
		int (*readfn)(void *cookie, char *buf, int n),
		int (*writefn)(void *cookie, const char *buf, int n),
		long (*seekfn)(void *cookie, long off, int whence),
		int (*closefn)(void *cookie));
]

This is not standard anything, but rather my own hacks to stdio.
fmemopen() opens a memory region.  funopen() is an even more general
version that opens `I/O functions'.  Given this and vfprintf as a base,
one can write a completely portable version of, e.g., curses' `wprintw'
routine, with no limit on the number of characters that can be written.
(Writing more than 1K with wprintw or syslog, or 2K with XText*, has
been known to crash programs.)
-- 
In-Real-Life: Chris Torek, Univ of MD Comp Sci Dept (+1 301 454 7163)
Domain:	chris at mimsy.umd.edu	Path:	uunet!mimsy!chris