NetBSD-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

lib/50269: bad macro: luaconf.h: #define sprintf(s,fmt,...) snprintf(s, sizeof(s), fmt, __VA_ARGS__)



>Number:         50269
>Category:       lib
>Synopsis:       bad macro: luaconf.h: #define sprintf(s,fmt,...)  snprintf(s, sizeof(s), fmt, __VA_ARGS__)
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    lib-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Wed Sep 23 20:00:00 +0000 2015
>Originator:     Andrew Cagney
>Release:        7.0 beta; trunk
>Organization:
>Environment:
all
>Description:
The macro sprintf as defined in src/external/mit/lua/dist/src/luaconf.h vis:

    #define sprintf(s,fmt,...)  snprintf(s, sizeof(s), fmt, __VA_ARGS__)

is broken.  Consider correct code such as:

          char *buff = luaL_prepbuffsize(&b, MAX_ITEM);
          ...
          nb = sprintf(buff, form, n);

found in lstrlib.c.

>How-To-Repeat:
lua> print(string.format("%d", 1000000))
100

notice how it truncated the value to 4 bytes (the sizeof "char*" in this example).

>Fix:
Either, change the definition of sprintf to something like:

    snprintf(s, SIZE_MAX, fmt, __VA_ARGS__)

(as suggested by Joerg); or replace all sprintf calls with snprintf.








Home | Main Index | Thread Index | Old Index