Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 23 Aug 2004 02:34:14 +0300
From:      Giorgos Keramidas <keramida@linux.gr>
To:        Sean McNeil <sean@mcneil.com>
Cc:        freebsd-current@freebsd.org
Subject:   Re: bsdtar core dumps
Message-ID:  <20040822233414.GA79931@gothmog.gr>
In-Reply-To: <1093213755.72863.0.camel@server.mcneil.com>
References:  <1092777586.92327.9.camel@server.mcneil.com> <20040817213813.GE3827@gothmog.gr> <1092951447.1167.12.camel@server.mcneil.com> <4127841D.6050104@freebsd.org> <1093213755.72863.0.camel@server.mcneil.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
On 2004-08-22 15:29, Sean McNeil <sean@mcneil.com> wrote:
> On Sat, 2004-08-21 at 10:19, Tim Kientzle wrote:
> > The code you've pointed to above concerns me because of the part about:
> >      if (n == 0) {
> >            ...
> >            n = 1;
> >      }
> >
> > That ain't right: If I told vsnprintf the buffer size was zero, it
> > should treat it as such.  If I meant "one", I would have said "one."
> >
> > On the other hand, the vsnprintf.3 man page does explicitly state
> > that "the output is always null-terminated," which would preclude
> > passing a zero-length buffer, which is exactly what libarchive is
> > doing in this situation.  It is bogus, but at least it's documented
> > bogosity. ;-)

The vsnprintf() function cannot pass a zero-length buffer to __vfprintf()
because the __vfprintf() function is expected return the number of bytes it
would need to do the real printing.  It's not illegal to pass a zero-length
bugger to vsnprintf(); at least it's not specifically prohibited by the
manpage.  The following program *DOES* pass zero as the length of the
buffer to vsnprintf() and a NULL pointer as the buffer address but doesn't
fault on an i386 machine:

     1	#include <stdarg.h>
     2	#include <stdio.h>
     3
     4	size_t koko(const char *_fmt, ...);
     5
     6	int
     7	main(void)
     8	{
     9		size_t foo;
    10
    11		foo = koko("%ld", 5);
    12		printf("rc = %lu\n", (unsigned long)foo);
    13		return 0;
    14	}
    15
    16	size_t
    17	koko(const char *fmt, ...)
    18	{
    19		size_t rc;
    20		va_list ap;
    21
    22		va_start(ap, fmt);
    23		rc = vsnprintf(NULL, 0, fmt, ap);
    24		va_end(ap);
    25		return rc;
    26	}

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040822233414.GA79931>