From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 5468 invoked by alias); 19 Feb 2012 13:11:22 -0000 Received: (qmail 5148 invoked by uid 22791); 19 Feb 2012 13:11:21 -0000 X-SWARE-Spam-Status: No, hits=-1.9 required=5.0 tests=AWL,BAYES_00 X-Spam-Check-By: sourceware.org Received: from hagrid.ecoscentric.com (HELO mail.ecoscentric.com) (212.13.207.197) by sourceware.org (qpsmtpd/0.43rc1) with ESMTP; Sun, 19 Feb 2012 13:11:07 +0000 Received: from localhost (hagrid.ecoscentric.com [127.0.0.1]) by mail.ecoscentric.com (Postfix) with ESMTP id 66D7F2F78006 for ; Sun, 19 Feb 2012 13:11:06 +0000 (GMT) Received: from mail.ecoscentric.com ([127.0.0.1]) by localhost (hagrid.ecoscentric.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id B6QmAXGLIGIQ; Sun, 19 Feb 2012 13:11:03 +0000 (GMT) From: bugzilla-daemon@bugs.ecos.sourceware.org To: ecos-patches@ecos.sourceware.org Subject: [Bug 1001490] New: C99 snprintf() does not include terminated null in truncated strings X-Bugzilla-Reason: CC X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: eCos X-Bugzilla-Component: Patches and contributions X-Bugzilla-Keywords: X-Bugzilla-Severity: enhancement X-Bugzilla-Who: sergei.gavrikov@gmail.com X-Bugzilla-Status: NEW X-Bugzilla-Priority: low X-Bugzilla-Assigned-To: unassigned@bugs.ecos.sourceware.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Changed-Fields: Message-ID: X-Bugzilla-URL: http://bugs.ecos.sourceware.org/ Auto-Submitted: auto-generated Content-Type: text/plain; charset="UTF-8" MIME-Version: 1.0 Date: Sun, 19 Feb 2012 13:11:00 -0000 Mailing-List: contact ecos-patches-help@ecos.sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Post: List-Help: , Sender: ecos-patches-owner@ecos.sourceware.org X-SW-Source: 2012-02/txt/msg00072.txt.bz2 Please do not reply to this email. Use the web interface provided at: http://bugs.ecos.sourceware.org/show_bug.cgi?id=1001490 Summary: C99 snprintf() does not include terminated null in truncated strings Product: eCos Version: CVS Platform: All OS/Version: Other Status: NEW Severity: enhancement Priority: low Component: Patches and contributions AssignedTo: unassigned@bugs.ecos.sourceware.org ReportedBy: sergei.gavrikov@gmail.com CC: ecos-patches@ecos.sourceware.org Class: Advice Request Created an attachment (id=1587) --> (http://bugs.ecos.sourceware.org/attachment.cgi?id=1587) add null terminator for truncated strings; fix checks in stdio sprintf2.c test SNPRINTF(3) The functions snprintf() and vsnprintf() do not write more than size bytes (including the terminating null byte ('\0')). If the output was truncated due to this limit then the return value is the number of characters (excluding the terminating null byte) which would have been written to the final string if enough space had been available. Thus, a return value of size or more means that the output was truncated. But, truncated string of eCos "C99" snprintf() does not include the terminating null byte ('\0'). You would see this bug running eCos stdio `sprintf2' test, if cdl_option CYGIMP_LIBC_STDIO_C99_SNPRINTF { user_value 1 }; applied. For example, this is a case when you add eCos USTL package which claims CYGIMP_LIBC_STDIO_C99_SNPRINTF. Then a built `sprintf2' test (it uses a few checks for snprintf()) fails on FAIL: Line: 138, File: language/c/libc/stdio/current/tests/sprintf2.c FAIL: Line: 140, File: language/c/libc/stdio/current/tests/sprintf2.c FAIL: Line: 145, File: language/c/libc/stdio/current/tests/sprintf2.c FAIL: Line: 147, File: language/c/libc/stdio/current/tests/sprintf2.c FAIL: Line: 169, File: language/c/libc/stdio/current/tests/sprintf2.c FAIL: Line: 172, File: language/c/libc/stdio/current/tests/sprintf2.c EXIT: The fails on checks the 'return code' (lines 140, 147, and 172) are okay due C99 snprintf() return value. But checks on lines 138, 145, and 169 are "strcmp()" checks and they should not fail if snprintf() implemented properly. Workaround is to add additional check and set the terminator in eCos vsnprintf.cxx, see an attached patch. Also the patch adds proper checks for return codes in sprintf2.c test if C99 implementation snprintf() uses. With applied patch all snprintf() checks pass as we could expect. -- Configure bugmail: http://bugs.ecos.sourceware.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.