search

yaml / libyaml

Canonical source repository for LibYAML
http://pyyaml.org/wiki/LibYAML
MIT License
921 stars 312 forks source link

`sprintf` is deprecated on MacOS if ASAN is enable. #276

Open RechieKho opened 7 months ago

RechieKho commented 7 months ago

In dumper.c:

static yaml_char_t *
yaml_emitter_generate_anchor(SHIM(yaml_emitter_t *emitter), int anchor_id)
{
    yaml_char_t *anchor = YAML_MALLOC(ANCHOR_TEMPLATE_LENGTH);

    if (!anchor) return NULL;

    sprintf((char *)anchor, ANCHOR_TEMPLATE, anchor_id);

    return anchor;
}

You used sprintf. But when I enable ASAN and compile on Mac, I get this deprecation error:

/Users/richie/Documents/cxx_projects/iree.gd/thirdparty/iree/third_party/libyaml/src/dumper.c:254:5: error: 'sprintf' is deprecated: This function is provided for compatibility reasons only.  Due to security concerns inherent in the design of sprintf(3), it is highly recommended that you use snprintf(3) instead. [-Werror,-Wdeprecated-declarations]
    sprintf((char *)anchor, ANCHOR_TEMPLATE, anchor_id);
    ^

I have suppress the error on my project, but it sure does feel like beat around the bush instead of directly solve the problem though. Hopefully it can be replace with the safer variant, snprintf, and make compiling on MacOS with ASAN much easier.