On Wed, Mar 26, 2008 at 08:55:53PM +0100, Jim Meyering wrote:
> qemudReportError(NULL, NULL, NULL, VIR_ERR_NO_MEMORY,
> - "vncTLSx509certdir");
> + "%s", _("failed to allocate vncTLSx509certdir"));

versus:

> qemudReportError(conn, NULL, NULL, VIR_ERR_INTERNAL_ERROR,
> - "Cannot find QEMU binary %s: %s", binary,
> + _("Cannot find QEMU binary %s: %s"), binary,
> strerror(errno));

I assume that the problem with the first one is that gettext might
erroneously return a string containing % sequences, resulting in a
runtime failure or even exploit.

But that could also be a problem with the second one too, surely?
(i.e. gettext might return three or more % sequences).

OCaml gettext offers two forms of the gettext function, one for plain
strings and one for format strings[1]. The format string version
checks that any % sequences in the translated string are compatible
with those in the original string. (If not then the original string
is returned to avoid any exploit).

Sounds as if we need a similar feature in C gettext. A cursory check
of the info file didn't show anything like this.

Rich.

[1] and of course the powerful type system ensures that you always use
the correct form, ho hum ...

--
Richard Jones, Emerging Technologies, Red Hat http://et.redhat.com/~rjones
virt-top is 'top' for virtual machines. Tiny program with many
powerful monitoring features, net stats, disk stats, logging, etc.
http://et.redhat.com/~rjones/virt-top
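Review bot: In the VIR_ERR_NO_MEMORY call, the new message embeds the configuration key vncTLSx509certdir inside a translatable string, so a translator may localize or alter the identifier. Passing the text through a literal "%s" is right for a message with no arguments, since it keeps the translated string out of the format position; consider adding a translator comment above the call saying the key name must stay verbatim.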
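Review bot: In the "Cannot find QEMU binary" call, the string returned by _() is itself the format, so a catalog entry whose conversions differ from the two %s in the msgid would make the varargs (binary, strerror(errno)) be read incorrectly. Nothing in this hunk guards against that at run time; make sure the msgid is extracted with the c-format flag and that catalogs are compiled with msgfmt --check-format (or -c), so a mismatched translation is rejected at build time.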
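The run-time check described above for OCaml gettext, sketched in C as an added example (not code from libvirt or gettext). `safe_format` and `fmt_signature` are hypothetical names, the translated strings are constructed, and the parser conservatively refuses `*`, positional `%1$s` and `%n`, falling back to the original string in those cases.

```c
#include <stdio.h>
#include <string.h>

/* Write the argument signature of a printf format into sig, e.g.
 * "%s: %ld" -> "s;ld;". Returns -1 for anything this simplified checker
 * refuses: '*' width/precision, positional "%1$s", "%n", a dangling '%'. */
static int fmt_signature(const char *fmt, char *sig, size_t cap)
{
    size_t n = 0;
    for (const char *p = fmt; *p; p++) {
        if (*p != '%')
            continue;
        if (*++p == '%')
            continue;                             /* literal percent sign */
        p += strspn(p, "-+ #0");                  /* flags */
        p += strspn(p, "0123456789");             /* width */
        if (*p == '.')
            p += 1 + strspn(p + 1, "0123456789"); /* precision */
        size_t lm = strspn(p, "hlLjzt");          /* length modifier */
        if (!p[lm] || !strchr("diouxXeEfFgGaAcsp", p[lm]) || n + lm + 2 >= cap)
            return -1;
        memcpy(sig + n, p, lm + 1);               /* modifier + conversion */
        n += lm + 1;
        sig[n++] = ';';
        p += lm;                                  /* now on the conversion */
    }
    sig[n] = '\0';
    return 0;
}

/* Return the translation only if it consumes the same arguments, in the
 * same order, as the original format; otherwise return the original. */
const char *safe_format(const char *orig, const char *translated)
{
    char a[64], b[64];
    if (fmt_signature(orig, a, sizeof a) != 0 ||
        fmt_signature(translated, b, sizeof b) != 0 || strcmp(a, b) != 0)
        return orig;
    return translated;
}

int main(void)
{
    const char *msgid = "Cannot find QEMU binary %s: %s";
    /* Constructed catalog entries standing in for gettext() results. */
    const char *good = "QEMU-Programm %s nicht gefunden: %s";
    const char *bad = "QEMU-Programm %s nicht gefunden: %s (%s)";
    printf("compatible   -> %s\n", safe_format(msgid, good));
    printf("incompatible -> %s\n", safe_format(msgid, bad));
    return 0;
}
```
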