>>>>> On Tue, 11 Dec 2001 23:39:53 -0800, Guy Harris <gharris@xxxxxxxxx> said:
>> I just discovered an interesting feature in recent Red Hat Linux
>> ucd-snmp packages.
Guy> Sigh.
Guy> At Sun, we came up with the notion of major and minor version
Guy> numbers for shared libraries *over 10 years ago*, in SunOS 4.0;
Guy> if you change the library in such a fashion that binaries that
Guy> work with the previous version of the library won't work with the
Guy> new version of the library, you change the major version number
Guy> of the library, so that old binaries *don't bind to the new
Guy> version of the library*.
Sorry for not reading this mail folder enough, but just I'd like to
say "it's not our fault".
These changes come from patches developed by caldera and applied to
the various packages distributed by the linux distribution vendors.
It does *not* come from the real ucd-snmp packages where we'd never do
something as stupid as changing API parameters and leaving the
function name the same.
The solution to this is to tell people not to use the RH/whatever
rpms and to get the real RPMs from http://www.net-snmp.org/download/
instead. The other thing is to probably stop using sprint_XXX() in
the first place and use sprint_realloc_XXX instead which is how we've
fixed possible buffer overflows internally without changing the
original API.
Guy> But, frankly, given that this also breaks *source* compatibility,
Guy> the names of the routines should probably have been changed to
Guy> "sbuf_sprint_XXX()" or something such as that.
Don't get me started ;-)
--
"Ninjas aren't dangerous. They're more afraid of you than you are of them."
