This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.
[Bug libc/7075] sprintf(buf, "%sfoo", buf) has different results with -O2 -D_FORTIFY_SOURCE=2 (__sprintf_chk bug?)
- From: "kees at outflux dot net" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sourceware dot org
- Date: Fri, 13 Jun 2014 20:36:28 +0000
- Subject: [Bug libc/7075] sprintf(buf, "%sfoo", buf) has different results with -O2 -D_FORTIFY_SOURCE=2 (__sprintf_chk bug?)
- Auto-submitted: auto-generated
- References: <bug-7075-131 at http dot sourceware dot org/bugzilla/>
https://sourceware.org/bugzilla/show_bug.cgi?id=7075
--- Comment #12 from Kees Cook <kees at outflux dot net> ---
It's not defined in POSIX, but it has worked a certain way in glibc for
decades. There's no _reason_ to break it for _FORTIFY_SOURCE. Pre-truncating
just silently breaks programs and does weird stuff. If you want to expose it
with _FORTIFY_SOURCE then have vsprintf notice that the target and first format
argument are the same variable, and refuse to build.
Either pretruncation should be eliminated, or the undefined behavior should be
explicitly detected and dealt with. Just having programs lose data while
running with no indication of the cause seems like a terrible user experience.
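The second option in the comment above, detecting the aliased call and dealing with it explicitly, can be sketched at the call-site level. This is an added example, not glibc code and not part of the bug report; `format_prefix_suffix` and its return codes are hypothetical, and it covers only the `"%s<suffix>"` shape from the bug title.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper, not a glibc API: defined-behaviour stand-in for
 * sprintf(dst, "%s<suffix>", prefix) where prefix may alias dst.
 * Returns 0 on success, -1 if the result would not fit (dst untouched),
 * -2 if suffix overlaps dst (unsupported, dst untouched). */
int format_prefix_suffix(char *dst, size_t dstsize,
                         const char *prefix, const char *suffix)
{
    size_t plen = strlen(prefix), slen = strlen(suffix);
    uintptr_t d = (uintptr_t)dst;
    uintptr_t p = (uintptr_t)prefix, s = (uintptr_t)suffix;

    /* Report the problem instead of truncating silently. */
    if (plen + slen + 1 > dstsize)
        return -1;
    /* Integer comparison avoids relational tests on unrelated pointers. */
    if (s < d + dstsize && d < s + slen + 1)
        return -2;
    if (p < d + dstsize && d < p + plen + 1)
        memmove(dst, prefix, plen);   /* aliased: overlap-safe move */
    else
        memcpy(dst, prefix, plen);
    memcpy(dst + plen, suffix, slen + 1);  /* includes the terminator */
    return 0;
}

int main(void)
{
    char buf[16] = "abc";   /* constructed sample input */
    int rc = format_prefix_suffix(buf, sizeof buf, buf, "foo");
    printf("rc=%d buf=%s\n", rc, buf);
    return rc != 0;
}
```

Because the aliased case is handled with `memmove` and every failure is returned to the caller, the result does not depend on optimization level or on whether `_FORTIFY_SOURCE` is defined.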