From owner-freebsd-current@FreeBSD.ORG Sun Aug 22 23:35:45 2004
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 73EDB16A4CE; Sun, 22 Aug 2004 23:35:45 +0000 (GMT)
Received: from rosebud.otenet.gr (rosebud.otenet.gr [195.170.0.26]) by mx1.FreeBSD.org (Postfix) with ESMTP id 255BC43D39; Sun, 22 Aug 2004 23:35:44 +0000 (GMT) (envelope-from keramida@linux.gr)
Received: from gothmog.gr (patr530-b181.otenet.gr [212.205.244.189]) i7MNZdh6005630; Mon, 23 Aug 2004 02:35:40 +0300
Received: from gothmog.gr (gothmog [127.0.0.1]) by gothmog.gr (8.13.1/8.13.1) with ESMTP id i7MNYHEq080025; Mon, 23 Aug 2004 02:34:17 +0300 (EEST) (envelope-from keramida@linux.gr)
Received: (from giorgos@localhost) by gothmog.gr (8.13.1/8.13.1/Submit) id i7MNYEXl080024; Mon, 23 Aug 2004 02:34:14 +0300 (EEST) (envelope-from keramida@linux.gr)
Date: Mon, 23 Aug 2004 02:34:14 +0300
From: Giorgos Keramidas
To: Sean McNeil
Message-ID: <20040822233414.GA79931@gothmog.gr>
References: <1092777586.92327.9.camel@server.mcneil.com> <20040817213813.GE3827@gothmog.gr> <1092951447.1167.12.camel@server.mcneil.com> <4127841D.6050104@freebsd.org> <1093213755.72863.0.camel@server.mcneil.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <1093213755.72863.0.camel@server.mcneil.com>
Phone: +30-2610-312145
Mobile: +30-6944-116520
cc: Tim Kientzle
cc: freebsd-current@freebsd.org
Subject: Re: bsdtar core dumps
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
X-List-Received-Date: Sun, 22 Aug 2004 23:35:45 -0000

On 2004-08-22 15:29, Sean McNeil wrote:
> On Sat, 2004-08-21 at 10:19, Tim Kientzle wrote:
> > The code you've pointed to above concerns me because of the part about:
> >
> >     if (n == 0) {
> >             ...
> >             n = 1;
> >     }
> >
> > That ain't right: If I told vsnprintf the buffer size was zero, it
> > should treat it as such.  If I meant "one", I would have said "one."
> >
> > On the other hand, the vsnprintf.3 man page does explicitly state
> > that "the output is always null-terminated," which would preclude
> > passing a zero-length buffer, which is exactly what libarchive is
> > doing in this situation.  It is bogus, but at least it's documented
> > bogosity. ;-)

The vsnprintf() function cannot pass a zero-length buffer to
__vfprintf() because the __vfprintf() function is expected to return
the number of bytes it would need to do the real printing.

It's not illegal to pass a zero-length buffer to vsnprintf(); at least
it's not specifically prohibited by the manpage.  The following program
*DOES* pass zero as the length of the buffer to vsnprintf() and a NULL
pointer as the buffer address but doesn't fault on an i386 machine:

    #include <stdarg.h>
    #include <stdio.h>

    size_t koko(const char *fmt, ...);

    int
    main(void)
    {
            size_t foo;

            foo = koko("%ld", 5L);
            printf("rc = %lu\n", (unsigned long)foo);
            return 0;
    }

    size_t
    koko(const char *fmt, ...)
    {
            size_t rc;
            va_list ap;

            va_start(ap, fmt);
            /* NULL buffer, size 0: only the needed length is computed */
            rc = vsnprintf(NULL, 0, fmt, ap);
            va_end(ap);
            return rc;
    }
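The sizing call the message discusses is normally the first half of a two-pass idiom: ask vsnprintf() with a NULL buffer and size 0 how long the output would be, allocate exactly that plus the terminating NUL, then format for real. The program below is an added example written for this page, not code from the thread or from libarchive; the helper names (vfmt, fmt_needed, fmt_alloc, zero_size_writes_nothing) are this example's own. It also checks the point at issue above: a size-0 call must write nothing to the caller's buffer, which it verifies with a sentinel buffer.

```c
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Added example, not code from the thread or from libarchive.  The
 * helper names here are assumptions of this example. */

/* Thin wrapper so the sentinel check below goes through vsnprintf()
 * with a va_list, the same way libarchive's sizing call does. */
static int vfmt(char *buf, size_t n, const char *fmt, ...)
{
    va_list ap;
    int rc;

    va_start(ap, fmt);
    rc = vsnprintf(buf, n, fmt, ap);
    va_end(ap);
    return rc;
}

/* Sizing pass: C99 permits a NULL buffer with size 0, and the return
 * value is the length the output would have had, excluding the NUL.
 * A negative return means an encoding error; report it as 0 here. */
size_t fmt_needed(const char *fmt, ...)
{
    va_list ap;
    int n;

    va_start(ap, fmt);
    n = vsnprintf(NULL, 0, fmt, ap);
    va_end(ap);
    return n < 0 ? 0 : (size_t)n;
}

/* Two-pass formatting into a malloc()ed buffer.  The sizing pass
 * consumes the va_list, so a va_copy() is needed for the second pass.
 * Returns NULL on encoding error or allocation failure. */
char *fmt_alloc(const char *fmt, ...)
{
    va_list ap, ap2;
    int n;
    char *buf;

    va_start(ap, fmt);
    va_copy(ap2, ap);
    n = vsnprintf(NULL, 0, fmt, ap);
    va_end(ap);
    if (n < 0) {
        va_end(ap2);
        return NULL;
    }

    buf = malloc((size_t)n + 1);
    if (buf == NULL) {
        va_end(ap2);
        return NULL;
    }

    /* Exactly n + 1 bytes: no truncation, and the NUL fits. */
    (void)vsnprintf(buf, (size_t)n + 1, fmt, ap2);
    va_end(ap2);
    return buf;
}

/* The behaviour Tim's comment asks for: with size 0, vsnprintf()
 * must touch nothing in the caller's buffer.  Fill a 4-byte sentinel,
 * format an 11-byte string into it with size 0, and return 1 only if
 * the return value is the needed length and the sentinel is intact. */
int zero_size_writes_nothing(void)
{
    char sentinel[4] = {'X', 'X', 'X', 'X'};
    int n = vfmt(sentinel, 0, "%s", "hello world");

    return n == 11 && memcmp(sentinel, "XXXX", 4) == 0;
}

int main(void)
{
    char *s = fmt_alloc("%s-%ld", "id", 5L);

    printf("needed=%zu alloc=\"%s\" zero_ok=%d\n",
           fmt_needed("%s-%ld", "id", 5L),
           s != NULL ? s : "(null)",
           zero_size_writes_nothing());
    free(s);
    return 0;
}
```

The va_copy() matters: after the sizing pass the original va_list is consumed, and reusing it for the second vsnprintf() is undefined behaviour. Checking for a negative return before sizing the allocation is what keeps an encoding error from turning into a huge malloc() or a zero-length write.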