This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: snprintf allocates memory?!?


Jakub Jelinek <jakub@redhat.com> wrote:

> On Thu, Apr 10, 2008 at 10:15:10PM +0200, Jim Meyering wrote:
>> There is a surprising bug in glibc's snprintf:
>> it can _allocate memory_ (and an arbitrarily large amount)
>> even for a tiny buffer.  Just filed as BZ 441945.
>> Obviously, snprintf should never need to call malloc.
>
> Why?
>
> POSIX says:
> Implementations may support additional errors not included in this list, may
> generate errors included in this list under circumstances other than those
> described here, or may contain extensions or limitations that prevent some
> errors from occurring. The ERRORS section on each reference page specifies
> whether an error shall be returned, or whether it may be returned.
> Implementations shall not generate a different error number from the ones
> described here for error conditions described in this volume of IEEE Std
> 1003.1-2001, but may generate additional errors unless explicitly disallowed
> for a particular function.
>
> and I certainly don't see anything explicitly disallowing ENOMEM for
> snprintf.

Sure, POSIX may actually allow the behavior of that particular
program, but how about a slightly different usage, (this is from
my 2nd BZ comment):

  snprintf (NULL, 0, fmt, 1);

Currently, that call fails just like the one in the original
test program.  However, POSIX requires something else:

   If the value of n is zero on a call to snprintf(),
   nothing shall be written, the number of bytes that
   would have been written had n been sufficiently large
   excluding the terminating null shall be returned, and
   s may be a null pointer.

Those look like pretty firm 'shall's, and
failing does not seem to be an option, here.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]