NetBSD-Bugs archive
lib/50269: bad macro: luaconf.h: #define sprintf(s,fmt,...) snprintf(s, sizeof(s), fmt, __VA_ARGS__)
>Number: 50269
>Category: lib
>Synopsis: bad macro: luaconf.h: #define sprintf(s,fmt,...) snprintf(s, sizeof(s), fmt, __VA_ARGS__)
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: lib-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Wed Sep 23 20:00:00 +0000 2015
>Originator: Andrew Cagney
>Release: 7.0 beta; trunk
>Organization:
>Environment:
all
>Description:
The macro sprintf as defined in src/external/mit/lua/dist/src/luaconf.h viz:
    #define sprintf(s,fmt,...) snprintf(s, sizeof(s), fmt, __VA_ARGS__)
is broken. Consider correct code such as:
    char *buff = luaL_prepbuffsize(&b, MAX_ITEM);
    ...
    nb = sprintf(buff, form, n);
found in lstrlib.c.
>How-To-Repeat:
    lua> print(string.format("%d", 1000000))
    100
Notice how it truncated the value to 4 bytes (the sizeof "char*" in this example).
>Fix:
Either change the definition of sprintf to something like:
    snprintf(s, SIZE_MAX, fmt, __VA_ARGS__)
(as suggested by Joerg); or replace all sprintf calls with snprintf.
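
The report's failure mode as a stand-alone C program (an added example, not code from the PR, NetBSD or Lua): the same macro body gives the right bound for an array argument and sizeof(char *) for a pointer argument. The names bad_sprintf, via_array, via_heap and SAMPLE and the value 512 for MAX_ITEM are assumptions; a 12-digit input is used so that truncation also shows where pointers are 8 bytes.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Same expansion as the macro quoted in the report, under a hypothetical
 * name (bad_sprintf) so the real sprintf is left alone. */
#define bad_sprintf(s, fmt, ...) snprintf(s, sizeof(s), fmt, __VA_ARGS__)

#define MAX_ITEM 512             /* assumed capacity for this demo */
#define SAMPLE   123456789012LL  /* constructed 12-digit input */

/* Array argument: sizeof(s) == MAX_ITEM, so the bound is correct. */
static int via_array(char *out, size_t outlen, long long n)
{
    char buff[MAX_ITEM];
    int nb = bad_sprintf(buff, "%lld", n);
    snprintf(out, outlen, "%s", buff);
    return nb;
}

/* Pointer argument. With use_macro set, sizeof(s) == sizeof(char *), so only
 * sizeof(char *) - 1 characters plus the NUL are stored. Otherwise the real
 * capacity is passed explicitly (the "replace with snprintf" fix). */
static int via_heap(char *out, size_t outlen, long long n, int use_macro)
{
    char *buff = malloc(MAX_ITEM);
    if (buff == NULL)
        return -1;
    int nb = use_macro ? bad_sprintf(buff, "%lld", n)
                       : snprintf(buff, MAX_ITEM, "%lld", n);
    snprintf(out, outlen, "%s", buff);
    free(buff);
    return nb;
}

int main(void)
{
    char a[64], p[64], f[64];
    int na = via_array(a, sizeof a, SAMPLE);
    int np = via_heap(p, sizeof p, SAMPLE, 1);
    int nf = via_heap(f, sizeof f, SAMPLE, 0);
    /* snprintf returns the untruncated length, so np does not match
     * the number of characters actually stored in p. */
    printf("array   %d \"%s\"\npointer %d \"%s\"\nfixed   %d \"%s\"\n",
           na, a, np, p, nf, f);
    return 0;
}
```

A compiler may warn about sizeof applied to a pointer in via_heap; that warning is the same defect the report describes.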