From: bugzilla-daemon@bugs.ecos.sourceware.org
To: ecos-patches@ecos.sourceware.org
Subject: [Bug 1001490] C99 snprintf() does not include terminated null in truncated strings
Date: Wed, 08 Aug 2012 16:58:00 -0000
Message-Id: <20120808165838.54E2C2F78005@mail.ecoscentric.com>

Please do not reply to this email.
Use the web interface provided at:
http://bugs.ecos.sourceware.org/show_bug.cgi?id=1001490

--- Comment #5 from Sergei Gavrikov 2012-08-08 17:58:35 BST ---
(In reply to comment #4)
> (In reply to comment #3)
> oops, sorry... Now I see, actually I applied my own patch from
> http://bugs.ecos.sourceware.org/show_bug.cgi?id=1001628

[snip]

Thanks. Clear.

> Well, there is more trouble with sprintf....
>
> There is another bug #20804, about the %e format, that is also still
> not fixed.
>
> When I tried to understand, why that happens, I found a buffer
> overflow in the statement: printf("%.15f", DBL_MAX);
>
> There is a buffer in vfnprintf() which is 2 characters too small.

There is another case. Today I investigated bug #20804. The reason is

    /* trailing f.p. zeroes */
    PAD(fpprec, zeroes);
    ret += fpprec;

It's okay for ("%.18f\n", 3.14e-11)

    0.000000000031400000

But the padding/zeroing will be wrong for %e, %E, when requested
prec > MAXPREC. Well, I ever made a fix :-) But, then I Googled and
found this report

  http://www.cygwin.com/ml/ecos-discuss/2001-05/msg00065.html

Well, it looks like my fix (Suzuki did talk about the same point which
I found in GDB), but my workaround was

    if (prec > MAXFRACT) {
        if ((ch == 'f' || ch == 'F') || (flags&ALT)) {
            fpprec = prec - MAXFRACT;
            prec = MAXFRACT;
        }
    } else if (prec == -1)

I was surprised how many projects use the same "printf" sources! But
I've seen no fixes in this place there. I need more time to look
around.

> Maybe there should be a patch for all of the known issues. What do
> you think?

No matter. I think we have to get rid of all the issues. Thank you for
your reports.

Sergei
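A conformance check for the behaviours discussed in this thread, given as an added example that is not part of the original message or of the eCos sources: it tests that snprintf() NUL-terminates on truncation, measures the space printf("%.15f", DBL_MAX) needs instead of assuming a fixed buffer, and confirms the "%.18f" output quoted above. All function names are hypothetical; it assumes IEEE-754 doubles and is meant to be built against the C library under test.

```c
#include <float.h>
#include <stdio.h>
#include <string.h>

/* 1 if truncation follows C99: output stays within the limit, is
 * NUL-terminated, and the return value is the untruncated length. */
static int truncation_is_c99(void)
{
    char buf[8];
    memset(buf, 'X', sizeof buf);            /* canary, no NUL anywhere */
    int n = snprintf(buf, 4, "%s", "abcdefgh");
    return n == 8 && memcmp(buf, "abc", 3) == 0
        && buf[3] == '\0'                    /* terminator inside the limit */
        && buf[4] == 'X';                    /* nothing written past it */
}

/* Characters needed for "%.15f" of DBL_MAX, excluding the NUL. */
static int dbl_max_f15_len(void)
{
    return snprintf(NULL, 0, "%.15f", DBL_MAX);
}

/* 1 if the formatted DBL_MAX fits exactly in the measured space and the
 * guard byte placed right after the terminator is left untouched. */
static int dbl_max_stays_in_bounds(void)
{
    char buf[512];
    int need = dbl_max_f15_len();
    if (need < 0 || (size_t)need + 2 > sizeof buf)
        return 0;
    memset(buf, 'X', sizeof buf);
    int n = snprintf(buf, (size_t)need + 1, "%.15f", DBL_MAX);
    return n == need && strlen(buf) == (size_t)need && buf[need + 1] == 'X';
}

/* 1 if trailing zero padding matches the output quoted in the thread. */
static int small_f18_ok(void)
{
    char buf[32];
    snprintf(buf, sizeof buf, "%.18f", 3.14e-11);
    return strcmp(buf, "0.000000000031400000") == 0;
}

int main(void)
{
    printf("C99 truncation: %d\n", truncation_is_c99());
    printf("\"%%.15f\" DBL_MAX length: %d\n", dbl_max_f15_len());
    printf("DBL_MAX in bounds: %d\n", dbl_max_stays_in_bounds());
    printf("\"%%.18f\" padding: %d\n", small_f18_ok());
    return 0;
}
```

On a conforming library the measured length is 309 integer digits, the decimal point and 15 fractional digits, so any fixed internal conversion buffer must hold at least that many characters plus the terminator.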