[PATCH 4/4] cpukit/libmisc/dumpbuf/dumpbuf.c: Fix undefined behavior for sprintf().

Daniel Gutson daniel.gutson at tallertechnologies.com
Wed Sep 2 03:10:54 UTC 2015 

El 1/9/2015 23:10, "Joel Sherrill" <joel.sherrill at oarcorp.com> escribió:
>
>
>
> On September 1, 2015 8:33:54 PM CDT, Daniel Gutson <
daniel.gutson at tallertechnologies.com> wrote:
> >Is there any reason to not declare these variables as unsigned (int)?
> >IIUC strlen returns an unsigned integral. Sign-correctnesd doesn't hurt
> >and I saw many bugs caused by the lack of it (the last one being pushed
> >few says ago in the Chromium beowser).
>
> I was wondering if they should be size_t when I looked at the code. I
will check that and change it.
>
> I was more concerned that none of the calls used the n version of the
string or snprintf() method. I planned to fix that on the master. We
probably need to make a rule to ban use of the non-n versions of the string
methods.

I couldn't agree more.

>
>
>
> >El 1/9/2015 18:41, "Joel Sherrill" <joel.sherrill at oarcorp.com>
> >escribió:
> >
> >Updates #2405.
> >---
> > cpukit/libmisc/dumpbuf/dumpbuf.c | 6 ++++--
> > 1 file changed, 4 insertions(+), 2 deletions(-)
> >
> >diff --git a/cpukit/libmisc/dumpbuf/dumpbuf.c
> >b/cpukit/libmisc/dumpbuf/dumpbuf.c
> >index 9d34d42..36a8656 100644
> >--- a/cpukit/libmisc/dumpbuf/dumpbuf.c
> >+++ b/cpukit/libmisc/dumpbuf/dumpbuf.c
> >@@ -62,18 +62,20 @@ static inline void Dump_Line(
> >
> >   int  i;
> >   char line_buffer[120];
> >+  int  len;
> >
> >   line_buffer[0] = '\0';
> >
> >   for( i=0 ; i<length ; i++ )
> >-    sprintf( line_buffer, "%s%02x ", line_buffer, buffer[ i ] );
> >+    sprintf( &line_buffer[i*3], "%02x ", buffer[ i ] );
> >
> >   for( ; i<16 ; i++ )
> >     strcat( line_buffer, "   " );
> >
> >   strcat( line_buffer, "|" );
> >+  len = strlen( line_buffer );
> >   for( i=0 ; i<length ; i++ )
> >-    sprintf( line_buffer, "%s%c", line_buffer,
> >+    sprintf( &line_buffer[len+i], "%c",
> >              isprint( buffer[ i ] ) ? buffer[ i ] : '.' );
> >
> >   for( ; i<16 ; i++ )
> >--
> >1.8.3.1
> >
> >_______________________________________________
> >devel mailing list
> >devel at rtems.org
> >http://lists.rtems.org/mailman/listinfo/devel
>
> --joel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rtems.org/pipermail/devel/attachments/20150902/4c853066/attachment.html>

More information about the devel mailing list