Skip navigation links
About Worklog
The MySQL Worklog are design specifications for some of the items that may be considered for future development.

WL#1597: sprintf -> snprintf (cleanup)

Affects: Server-7.1   —   Status: Assigned   —   Priority: Medium 

A recent security audit pinged us for using sprintf throughout the code. We need 
to resolve issues surrounding how we handle strings. 

So:
All sprintf() should become my_snprintf().
All scanf() statements need to be scrutinized.
All defined sizes need to be defined (no assumed sizes).
We need to make sure and define strmov in a manner where it can no be overflowed.


Copyright (c) 2000, 2013, Oracle Corporation and/or its affiliates. All rights reserved.