You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@stdcxx.apache.org by "Travis Vitek (JIRA)" <ji...@apache.org> on 2007/09/14 04:03:32 UTC

[jira] Updated: (STDCXX-524) buffer overflow in test 22.locale.time.get.cpp(make_LC_TIME)

     [ https://issues.apache.org/jira/browse/STDCXX-524?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Travis Vitek updated STDCXX-524:
--------------------------------

    Attachment: stdcxx-524.patch

I have opted to just use a large fixed length buffer for the file names. This is what we're doing all over the place and I didn't want to introduce a totally different way to do this. If someone feels it is really necessary, I can change parts of this to use dynamic buffers. I can't make the cached locale name dynamic unless I want to leave allocated memory at program exit.

> buffer overflow in test 22.locale.time.get.cpp(make_LC_TIME)
> ------------------------------------------------------------
>
>                 Key: STDCXX-524
>                 URL: https://issues.apache.org/jira/browse/STDCXX-524
>             Project: C++ Standard Library
>          Issue Type: Bug
>          Components: Tests
>    Affects Versions: 4.1.2, 4.1.3, 4.1.4
>            Reporter: Travis Vitek
>            Assignee: Travis Vitek
>            Priority: Trivial
>             Fix For: 4.2.1
>
>         Attachments: stdcxx-524.patch
>
>
> This test uses L_tmpnam to determine the length of a buffer used to store a filename string. Unfortunately, L_tmpnam is intended for use with tmpnam(), but the buffer is written to with std::sprintf(). When I run the test, the allocated buffer is 46 bytes, and the sprintf() call writes 58 bytes [this will vary based on user name and other variables]. Perhaps the buffer should be made larger, or some other method should be used to fill the buffer. Perhaps this would work.
> #if !defined (_WIN32) && !defined (_WIN64)
> #  define _PATH_MAX PATH_MAX
> #else
> #  define _PATH_MAX _MAX_PATH
> #endif
>     char srcfname [_PATH_MAX]; // [L_tmpnam + 32];
>     std::sprintf (srcfname, "%s" SLASH "LC_TIME.src", locale_root);

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.