64-bit snprintf/vsnprintf overflow condition
Eric Blake
eblake@redhat.com
Fri Oct 29 20:01:00 GMT 2010
On 10/29/2010 12:03 PM, David A. Ramos wrote:
> Hi,
>
> It looks like the overflow condition in vsnprintf/snprintf is unnecessarily restrictive for 64-bit architectures.
>
> from libc/stdio/snprintf.c:
> 52 if (size > INT_MAX)
> 53 {
> 54 ptr->_errno = EOVERFLOW;
> 55 return EOF;
> 56 }
>
> I believe it should use SIZE_MAX, rather than INT_MAX.
It MUST be INT_MAX. That's because the return value is int, not size_t.
Here's what POSIX has to say about it:
http://www.opengroup.org/onlinepubs/9699919799/functions/snprintf.html
The snprintf() function shall fail if:
[EOVERFLOW]
[CX] [Option Start] The value of n is greater than {INT_MAX} or the
number of bytes needed to hold the output excluding the terminating null
is greater than {INT_MAX}. [Option End]
and as further amended by:
http://austingroupbugs.net/view.php?id=316
Add the following [EOVERFLOW] error under the ERRORS section
(in the Rebision) introduced by
"In addition, all forms of fprintf( ) shall fail if:",
[EOVERFLOW]
[CX] The value to be returned is greater than {INT_MAX}.
And then change the existing [EOVERFLOW] error for snprintf() to:
[EOVERFLOW]
[CX] The value of n is greater than {INT_MAX}.
(Note the use of CX shading in both cases - in the revision the
existing EOVERFLOW has changed from XSI to CX.)
Then in XSH 2.3 Error Numbers add to the end of the existing
paragraph 6 which says
"The ERRORS section on each reference page specifies which error
conditions shall be detected by all implementations (``shall
fail'') and which may be optionally detected by an implementation
(``may fail''). If no error condition is detected, the action
requested shall be successful."
(new text to add):
If an error condition is detected, the action requested may have
been partially performed, unless otherwise stated.
--
Eric Blake eblake@redhat.com +1-801-349-2682
Libvirt virtualization library http://libvirt.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 619 bytes
Desc: OpenPGP digital signature
URL: <http://sourceware.org/pipermail/newlib/attachments/20101029/13fffaba/attachment.sig>
More information about the Newlib
mailing list