[UDUNITS #XTH-607581]: Buffer overrun in ut_format
- Subject: [UDUNITS #XTH-607581]: Buffer overrun in ut_format
- Date: Thu, 19 May 2011 13:51:07 -0600
Alex,
> Thank you for your reply. My problem is that on my platform, if the
> format buffer is too small, I often get a segfault instead of an error
> code. With the error code, even a -1 instead of a required size, I
> could double the size of my format buffer and try again. But as it is
> there is no guarantee that my format buffer will not be too small for
> the formatted unit, leading to buffer overrun.
>
> What workaround would you recommend for users with C99-compliant
> sprintf? I could run through all the possible format output to find
> the maximum possible size with the standard XML unit database. I
> could still get overruns if users use ut_map_name_to_unit, but I
> suppose I could live with this possibility.
I recommend that you always check the number of bytes returned by ut_format()
and if it's greater than or equal to the size of the buffer, then consider it
an error.

I just released a new version that should treat snprintf() calls more
rigorously (there were some other changes that had to be made).
> Would it be possible to update the C API docs to indicate that the
> return value from ut_format depends on the platform's implementation
> of sprintf?
The documentation on ut_format() has been updated. It now reads

    On success, this function returns either the number of bytes – excluding the
    terminating NUL – that were written into buf or the number of bytes that would
    have been written. The difference is due to the runtime snprintf() function
    that was used.
> Thanks for dealing with this.
>
> Best regards,
>
> Alex
Regards,
Steve Emmerson
Ticket Details
===================
Ticket ID: XTH-607581
Department: Support UDUNITS
Priority: Normal
Status: Closed
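
The return-value check recommended in the reply, combined with the doubling retry described in the quoted question, as an added example that is not part of the original message or of UDUNITS. It assumes a formatter that honours the size argument; fmt_c99, fmt_legacy, format_checked and MAX_FORMAT_BUF are hypothetical names standing in for ut_format() and its caller, and the "unit" is just a string so the block runs without the library.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-ins for ut_format(): the "unit" is just a string. */
typedef int (*format_fn)(const void *unit, char *buf, size_t size);

/* C99 behaviour: returns the length that would have been written. */
static int fmt_c99(const void *unit, char *buf, size_t size)
{
    return snprintf(buf, size, "%s", (const char *)unit);
}

/* Older behaviour: returns -1 when the output does not fit. */
static int fmt_legacy(const void *unit, char *buf, size_t size)
{
    size_t need = strlen((const char *)unit);
    if (need >= size)
        return -1;
    memcpy(buf, unit, need + 1);
    return (int)need;
}

#define MAX_FORMAT_BUF 4096 /* constructed cap so a hard error cannot loop forever */

/* Returns a malloc'd string, or NULL on error; the caller frees it. */
char *format_checked(format_fn fmt, const void *unit)
{
    char *buf = NULL;
    for (size_t size = 16; size <= MAX_FORMAT_BUF; size *= 2) {
        char *tmp = realloc(buf, size);
        if (tmp == NULL)
            break;
        buf = tmp;
        int n = fmt(unit, buf, size);
        /* n >= size: truncated (or would have been); n < 0: error or no room */
        if (n >= 0 && (size_t)n < size)
            return buf;
    }
    free(buf);
    return NULL;
}

int main(void)
{
    char *s = format_checked(fmt_c99, "kilogram.meter2.second-3.ampere-1");
    puts(s ? s : "format failed");
    free(s);
    return 0;
}
```

Because a negative return can mean either "no room" or a genuine formatting failure, the retry is bounded by the cap rather than looping until success.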