Recent versions of clang / xcode have deprecated sprintf to the point where the warning messages are getting overwhelming (nine long lines of output for each occurrance).
Please consider changing calls from sprintf(str,….); to snprintf(str,sizeof(str),…);
It would of course be great if you received the return code and handled errors, but even without that, the code should be safer than it is now – and the warnings will go away.
Thanks.
sprintf to snprintf
Author
ramcdona said:
the warning messages are getting overwhelming
You can disable warnings you don't want.
Here an example sometimes i use:
#pragma warning ( disable : 4267 ) // 'argument': conversion from 'size_t' to 'const int32_t', possible loss of data
#pragma warning ( disable : 4838 ) // 'argument': conversion from 'unsigned __int64' to 'int' requires a narrowing conversion
#pragma warning ( disable : 4244 ) // 'argument': conversion from '__int64' to 'int', possible loss of data
Thanks. I don't use clang myself so I hadn't seen the warnings yet. I'll do the replacement.
Regards,
Andreas
WitchLord said:
Thanks. I don't use clang myself so I hadn't seen the warnings yet. I'll do the replacement.
Regards,
Andreas
Even VS warns about these in the newer compilers
I finally got some time to try out clang. I didn't get any warnings for sprintf.
What version of clang are you using, and what are your compiler flags? I would like to try the same so I can properly test that any code changes actually removes all warnings.
The version I use is the default version available for Ubuntu Linux: “Ubuntu clang version 15.0.6”
Author
I'm building with xcode – which is an Apple modified version of clang. I would not expect Apple to be more aggressive about warnings and errors. Here is a verbose report from one of the files…
[35/51] /usr/bin/c++ -DANGELSCRIPT_EXPORT -DAS_USE_STLNAMES -D_LIB -D__STDC_LIMIT_MACROS -Isrc/external/angelscript/sdk/./angelscript/include -fsanitize=address -std=c++11 -stdlib=libc++ -O2 -g -DNDEBUG -arch arm64 -isysroot /Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX13.1.sdk -mmacosx-version-min=12.6 -MD -MT src/external/angelscript/sdk/CMakeFiles/Angelscript.dir/add_on/scriptarray/scriptarray.cpp.o -MF src/external/angelscript/sdk/CMakeFiles/Angelscript.dir/add_on/scriptarray/scriptarray.cpp.o.d -o src/external/angelscript/sdk/CMakeFiles/Angelscript.dir/add_on/scriptarray/scriptarray.cpp.o -c src/external/angelscript/sdk/add_on/scriptarray/scriptarray.cpp
src/external/angelscript/sdk/add_on/scriptarray/scriptarray.cpp:1287:6: warning: 'sprintf' is deprecated: This function is provided for compatibility reasons only. Due to security concerns inherent in the design of sprintf(3), it is highly recommended that you use snprintf(3) instead. [-Wdeprecated-declarations]
sprintf(tmp, "Type '%s' has multiple matching opEquals or opCmp methods", subType->GetName());
^
/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX13.1.sdk/usr/include/stdio.h:188:1: note: 'sprintf' has been explicitly marked deprecated here
__deprecated_msg("This function is provided for compatibility reasons only. Due to security concerns inherent in the design of sprintf(3), it is highly recommended that you use snprintf(3) instead.")
^
/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX13.1.sdk/usr/include/sys/cdefs.h:215:48: note: expanded from macro '__deprecated_msg'
#define __deprecated_msg(_msg) __attribute__((__deprecated__(_msg)))
^
src/external/angelscript/sdk/add_on/scriptarray/scriptarray.cpp:1293:6: warning: 'sprintf' is deprecated: This function is provided for compatibility reasons only. Due to security concerns inherent in the design of sprintf(3), it is highly recommended that you use snprintf(3) instead. [-Wdeprecated-declarations]
sprintf(tmp, "Type '%s' does not have a matching opEquals or opCmp method", subType->GetName());
^
/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX13.1.sdk/usr/include/stdio.h:188:1: note: 'sprintf' has been explicitly marked deprecated here
__deprecated_msg("This function is provided for compatibility reasons only. Due to security concerns inherent in the design of sprintf(3), it is highly recommended that you use snprintf(3) instead.")
^
/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX13.1.sdk/usr/include/sys/cdefs.h:215:48: note: expanded from macro '__deprecated_msg'
#define __deprecated_msg(_msg) __attribute__((__deprecated__(_msg)))
^
src/external/angelscript/sdk/add_on/scriptarray/scriptarray.cpp:1450:6: warning: 'sprintf' is deprecated: This function is provided for compatibility reasons only. Due to security concerns inherent in the design of sprintf(3), it is highly recommended that you use snprintf(3) instead. [-Wdeprecated-declarations]
sprintf(tmp, "Type '%s' has multiple matching opCmp methods", subType->GetName());
^
/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX13.1.sdk/usr/include/stdio.h:188:1: note: 'sprintf' has been explicitly marked deprecated here
__deprecated_msg("This function is provided for compatibility reasons only. Due to security concerns inherent in the design of sprintf(3), it is highly recommended that you use snprintf(3) instead.")
^
/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX13.1.sdk/usr/include/sys/cdefs.h:215:48: note: expanded from macro '__deprecated_msg'
#define __deprecated_msg(_msg) __attribute__((__deprecated__(_msg)))
^
src/external/angelscript/sdk/add_on/scriptarray/scriptarray.cpp:1456:6: warning: 'sprintf' is deprecated: This function is provided for compatibility reasons only. Due to security concerns inherent in the design of sprintf(3), it is highly recommended that you use snprintf(3) instead. [-Wdeprecated-declarations]
sprintf(tmp, "Type '%s' does not have a matching opCmp method", subType->GetName());
^
/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX13.1.sdk/usr/include/stdio.h:188:1: note: 'sprintf' has been explicitly marked deprecated here
__deprecated_msg("This function is provided for compatibility reasons only. Due to security concerns inherent in the design of sprintf(3), it is highly recommended that you use snprintf(3) instead.")
^
/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX13.1.sdk/usr/include/sys/cdefs.h:215:48: note: expanded from macro '__deprecated_msg'
#define __deprecated_msg(_msg) __attribute__((__deprecated__(_msg)))
^
4 warnings generated.
It looks like it might actually be issued by the standard library (not strictly by the compiler). So I would guess the “-std=c++11 -stdlib=libc++” flags first.
I am more than happy to test out a version if you push one up.
I am building locally for arm64, but since AS isn't fully functional here yet, I just don't use those parts of my program on this development machine. My release builds are all build for Intel architecture and are run under Rosetta on a M1 or M2 Apple chip.
Thanks,
Rob
I checked the stdio.h file installed on my Linux setup, and it doesn't contain the deprecated attribute on sprintf, so that is why the warning doesn't show up for me. Apple is very thorough about security issues, so it makes sense that they would deprecate the use of sprintf due to it being a common source for bugs and memory invasions when not used properly. Microsoft has likewise deprecated it, but instead opted to introduce a custom function sprintf_s rather than recommend use of snprintf.
Anyway, I've fixed this in rev 2831.
https://sourceforge.net/p/angelscript/code/2831/
Author
Thanks a bunch for your attention to this & everything else. It is a small issue – but I know you like to keep the code clean and tidy of this sort of thing.
This topic is closed to new replies.
Advertisement
Popular Topics
Advertisement
