* mdocml: Never use LC_ALL.
@ 2015-11-12 21:50 schwarze
0 siblings, 0 replies; only message in thread
From: schwarze @ 2015-11-12 21:50 UTC (permalink / raw)
To: source
Log Message:
-----------
Never use LC_ALL. On the one hand, it can cause misformatting.
On the other hand, it is a security risk because it might cause
buffer overflows. Use LC_CTYPE only, that's all we need.
Modified Files:
--------------
mdocml:
term_ascii.c
Revision Data
-------------
Index: term_ascii.c
===================================================================
RCS file: /home/cvs/mdocml/mdocml/term_ascii.c,v
retrieving revision 1.51
retrieving revision 1.52
diff -Lterm_ascii.c -Lterm_ascii.c -u -p -r1.51 -r1.52
--- term_ascii.c
+++ term_ascii.c
@@ -88,8 +88,16 @@ ascii_init(enum termenc enc, const struc
#if HAVE_WCHAR
if (TERMENC_ASCII != enc) {
+
+ /*
+ * Do not change any of this to LC_ALL. It might break
+ * the formatting by subtly changing the behaviour of
+ * various functions, for example strftime(3). As a
+ * worst case, it might even cause buffer overflows.
+ */
+
v = TERMENC_LOCALE == enc ?
- setlocale(LC_ALL, "") :
+ setlocale(LC_CTYPE, "") :
setlocale(LC_CTYPE, "en_US.UTF-8");
if (NULL != v && MB_CUR_MAX > 1) {
p->enc = enc;
--
To unsubscribe send an email to source+unsubscribe@mdocml.bsd.lv
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2015-11-12 21:50 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2015-11-12 21:50 mdocml: Never use LC_ALL schwarze
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).