When snprintf (buf, 1, formatstring, ...) is called on BeOS, it acts like
an sprintf() call: It overwrites memory, ignoring the size = 1 argument.
Here is a patch that documents this bug and works around it in vasnprintf.c.
This bug was uncovered through the gnulib tests included in the gettext 0.17
release. I started doing what Eric had already had the courage to do in m4
before, and it proved fruitful.

2007-11-09  Bruno Haible  <[EMAIL PROTECTED]>

        * doc/functions/snprintf.texi: Mention BeOS deficiency.
        * doc/functions/vsnprintf.texi: Likewise.
        * lib/vasnprintf.c (VASNPRINTF): Ensure that we never call snprintf
        with a size argument < 2.

--- doc/functions/snprintf.texi.orig 2007-11-09 12:58:46.000000000 +0100
+++ doc/functions/snprintf.texi 2007-11-09 12:57:13.000000000 +0100
@@ -61,6 +61,10 @@
This function does not fully support the @samp{n} directive on some platforms:
HP-UX 11, mingw.
@item
+This function overwrites memory when a size = 1 argument is passed on some
+platforms:
+BeOS.
[EMAIL PROTECTED]
This function overwrites memory even when a zero size argument is passed on
some
platforms:
OSF/1 5.1.
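Review bot: The new BeOS item says only that the function "overwrites memory when a size = 1 argument is passed", which leaves out the detail given in the description and in the vasnprintf.c comment: the call behaves like sprintf(), so the write is not bounded by the size at all. Stating that in the item would tell readers the overflow is as long as the formatted output, not a single byte. The wording could also match the neighbouring item ("a zero size argument"), for example "when a size argument of 1 is passed".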
--- doc/functions/vsnprintf.texi.orig 2007-11-09 12:58:46.000000000 +0100
+++ doc/functions/vsnprintf.texi 2007-11-09 12:57:14.000000000 +0100
@@ -61,6 +61,10 @@
This function does not fully support the @samp{n} directive on some platforms:
HP-UX 11, mingw.
@item
+This function overwrites memory when a size = 1 argument is passed on some
+platforms:
+BeOS.
[EMAIL PROTECTED]
This function overwrites memory even when a zero size argument is passed on
some
platforms:
HP-UX 11, OSF/1 5.1.
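Review bot: The added BeOS item asserts the defect for vsnprintf, but the description and the comment in vasnprintf.c both speak only of snprintf(), and the ChangeLog entry for this file is just "Likewise". The platform lists of the two manuals are not always identical (the zero-size item here names HP-UX 11 and OSF/1 5.1, while snprintf.texi names only OSF/1 5.1), so it is worth saying in the message whether vsnprintf was tested on BeOS with size 1 or whether the entry is inferred from the snprintf result.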
--- lib/vasnprintf.c.orig 2007-11-09 12:58:46.000000000 +0100
+++ lib/vasnprintf.c 2007-11-09 12:54:23.000000000 +0100
@@ -4046,9 +4046,13 @@
sizeof (TCHAR_T) divides sizeof (DCHAR_T) and
alignof (TCHAR_T) <= alignof (DCHAR_T). */
# define TCHARS_PER_DCHAR (sizeof (DCHAR_T) / sizeof (TCHAR_T))
+ /* Ensure that maxlen below will be >= 2. Needed on BeOS,
+ where an snprintf() with maxlen==1 acts like sprintf(). */
+ ENSURE_ALLOCATION (xsum (length,
+ (2 + TCHARS_PER_DCHAR - 1)
+ / TCHARS_PER_DCHAR));
/* Prepare checking whether snprintf returns the count
via %n. */
- ENSURE_ALLOCATION (xsum (length, 1));
*(TCHAR_T *) (result + length) = '\0';
#endif
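Review bot: The new comment promises that "maxlen below will be >= 2", but the unit and the arithmetic are left for the reader to work out: `(2 + TCHARS_PER_DCHAR - 1) / TCHARS_PER_DCHAR` is the ceiling of 2 / TCHARS_PER_DCHAR, i.e. room for two TCHAR_T units expressed in DCHAR_T units. Please say that in the comment. The guarantee also depends on how maxlen is derived from the allocated space further down, which this hunk does not touch; a short comment or assertion at the snprintf call site that maxlen >= 2 would keep a later change to that computation from silently reintroducing the overwrite on BeOS.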