You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@stdcxx.apache.org by "Martin Sebor (JIRA)" <ji...@apache.org> on 2008/03/18 15:55:27 UTC
[jira] Assigned: (STDCXX-765) Incorrect using rw_asnprintf() with
%{+} format and not NUL-terminated buffer in _rw_fmtflags(),
_rw_fmtevent(), _rw_fmtlc()
[ https://issues.apache.org/jira/browse/STDCXX-765?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Martin Sebor reassigned STDCXX-765:
-----------------------------------
Assignee: Martin Sebor
> Incorrect using rw_asnprintf() with %{+} format and not NUL-terminated buffer in _rw_fmtflags(), _rw_fmtevent(), _rw_fmtlc()
> -----------------------------------------------------------------------------------------------------------------------------
>
> Key: STDCXX-765
> URL: https://issues.apache.org/jira/browse/STDCXX-765
> Project: C++ Standard Library
> Issue Type: Bug
> Components: Test Driver
> Affects Versions: 4.2.0
> Environment: All
> Reporter: Farid Zaripov
> Assignee: Martin Sebor
> Fix For: 4.2.1
>
> Attachments: stdcxx-765.diff
>
>
> The buf parameter of the _rw_fmtflags(), _rw_fmtevent() and _rw_fmtlc() functions contains not NUL-terminated data. The length of data in buf is stored in buf.endoff.
> The rw_asnprintf() function accepts the only buf.pbuf and buf.pbufsize, but not buf.endoff. When %{+} format is used, the length of data in buf calculated using strlen() function, but this length is incorrect due to data is not NUL-terminated.
> Another bug is that _rw_fmtflags(), _rw_fmtevent() and _rw_fmtlc() functions are returns len, but without updating the buf.endoff. Due to this the result of rw_asnprintf() is cutted in further processing.
> These problems are detected in 0.printf test after latest update.
> The schematic patch without error checking is below. This patch is not intended to apply. It's only shows how these bugs should be fixed.
> {noformat}
> Index: tests/src/fmt_bits.cpp
> ===================================================================
> --- tests/src/fmt_bits.cpp (revision 637399)
> +++ tests/src/fmt_bits.cpp (working copy)
> @@ -204,9 +204,12 @@
>
> #endif // _RWSTD_NO_EXT_BIN_IO
>
> - len = rw_asnprintf (buf.pbuf, buf.pbufsize,
> - "%{+} | %{?}std::ios::%{;}base(%d)",
> - spec.fl_pound, base);
> + (*buf.pbuf) [buf.endoff] = '\0';
> + int res = rw_asnprintf (buf.pbuf, buf.pbufsize,
> + "%{+} | %{?}std::ios::%{;}base(%d)",
> + spec.fl_pound, base);
> + buf.endoff += res;
> + len += res;
> }
>
> return len;
> @@ -303,9 +306,12 @@
> : std::ios::erase_event == event ? "erase_event"
> : 0;
>
> - return rw_asnprintf (buf.pbuf, buf.pbufsize,
> - "%{+}%{?}std::ios::%{;}%{?}%s%{:}event(%d)%{;}",
> - spec.fl_pound, 0 != str, str, event);
> + (*buf.pbuf) [buf.endoff] = '\0';
> + int len = rw_asnprintf (buf.pbuf, buf.pbufsize,
> + "%{+}%{?}std::ios::%{;}%{?}%s%{:}event(%d)%{;}",
> + spec.fl_pound, 0 != str, str, event);
> + buf.endoff += len;
> + return len;
> }
>
> /********************************************************************/
> @@ -329,8 +335,12 @@
>
> }
>
> - if (str)
> - return rw_asnprintf (buf.pbuf, buf.pbufsize, "%{+}%s", str);
> + if (str) {
> + (*buf.pbuf) [buf.endoff] = '\0';
> + int len = rw_asnprintf (buf.pbuf, buf.pbufsize, "%{+}%s", str);
> + buf.endoff += len;
> + return len;
> + }
>
> static const Bitnames names [] = {
> BITNAME (std::locale, all),
> {noformat}
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.