Re: [vdr] cppcheck: VDR 1.7.18: [timers.c:53]: (error) snprintf size is out of bounds
On 15.06.2011 19:37, Udo Richter wrote: Am 15.06.2011 18:34, schrieb Klaus Schmidinger: On 15.06.2011 15:30, Paul Menzel wrote: if (Instant&& channel) snprintf(file, sizeof(file), "%s%s", Setup.MarkInstantRecord ? "@" : "", *Setup.NameInstantRecord ? Setup.NameInstantRecord : channel->Name()); ...this should be sizeof(file) - 1 Actually, all versions of snprintf documentation I've just checked agree that snprintf will write at most size-1 chars and a trailing 0 byte, so it was ok before too. But for safety, on byte less doesn't hurt. Gee, you're right! Or is there some broken implementation out there that may write beyond str[size-1]? None that I know of. Well, since the docs for snprintf are clear about this, let's leave things as they are. I wonder, though, why cppcheck thinks there's something wrong here... Klaus ___ vdr mailing list vdr@linuxtv.org http://www.linuxtv.org/cgi-bin/mailman/listinfo/vdr
Re: [vdr] cppcheck: VDR 1.7.18: [timers.c:53]: (error) snprintf size is out of bounds
Am Wed, 15 Jun 2011 18:34:59 +0200 schrieb Klaus Schmidinger : > ...this should be > >sizeof(file) - 1 > > Thanks for the bug report. This is no bug. The size parameter includes the '\0' byte. Gerald ___ vdr mailing list vdr@linuxtv.org http://www.linuxtv.org/cgi-bin/mailman/listinfo/vdr
Re: [vdr] cppcheck: VDR 1.7.18: [timers.c:53]: (error) snprintf size is out of bounds
Am 15.06.2011 18:34, schrieb Klaus Schmidinger: > On 15.06.2011 15:30, Paul Menzel wrote: >>if (Instant&& channel) >> snprintf(file, sizeof(file), "%s%s", >> Setup.MarkInstantRecord ? "@" : "", *Setup.NameInstantRecord ? >> Setup.NameInstantRecord : channel->Name()); > > ...this should be > > sizeof(file) - 1 Actually, all versions of snprintf documentation I've just checked agree that snprintf will write at most size-1 chars and a trailing 0 byte, so it was ok before too. But for safety, on byte less doesn't hurt. Or is there some broken implementation out there that may write beyond str[size-1]? (strncpy is more broken, thats why my typical usage is: strncpy(dest, src, sizeof(dest)-1); dest[sizeof(dest)-1] = 0; ) Cheers, Udo ___ vdr mailing list vdr@linuxtv.org http://www.linuxtv.org/cgi-bin/mailman/listinfo/vdr
Re: [vdr] cppcheck: VDR 1.7.18: [timers.c:53]: (error) snprintf size is out of bounds
On 15.06.2011 15:30, Paul Menzel wrote: Dear VDR folks, Cppcheck 1.49 [1] reports the following error when run against VDR 1.7.18. [timers.c:53]: (error) snprintf size is out of bounds Looking at `timers.c` in `CTimer` `*file = 0` and afterward written to if I am not mistaken. This just sets the string to be "empty", but... […] cTimer::cTimer(bool Instant, bool Pause, cChannel *Channel) { ... *file = 0; aux = NULL; event = NULL; if (Instant&& channel) snprintf(file, sizeof(file), "%s%s", Setup.MarkInstantRecord ? "@" : "", *Setup.NameInstantRecord ? Setup.NameInstantRecord : channel->Name()); ...this should be sizeof(file) - 1 Thanks for the bug report. Klaus […] Unfortunately I do not know C++ well enough to judge this error message. Thanks, Paul [1] http://cppcheck.sourceforge.net/ ___ vdr mailing list vdr@linuxtv.org http://www.linuxtv.org/cgi-bin/mailman/listinfo/vdr