apr-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jor...@apache.org
Subject svn commit: r420858 - in /apr/apr/trunk: strings/apr_snprintf.c test/teststr.c
Date Tue, 11 Jul 2006 14:12:30 GMT
Author: jorton
Date: Tue Jul 11 07:12:29 2006
New Revision: 420858

URL: http://svn.apache.org/viewvc?rev=420858&view=rev
Log:
* strings/apr_snprintf.c (apr_snprintf, apr_vsnprintf): Fix to
returning number of bytes *without* NUL in overflow case.

* test/teststr.c (snprintf_overflow): New test case.

PR: 39996
Submitted by: Michal Luczaj <regenrecht o2.pl>

Modified:
    apr/apr/trunk/strings/apr_snprintf.c
    apr/apr/trunk/test/teststr.c

Modified: apr/apr/trunk/strings/apr_snprintf.c
URL: http://svn.apache.org/viewvc/apr/apr/trunk/strings/apr_snprintf.c?rev=420858&r1=420857&r2=420858&view=diff
==============================================================================
--- apr/apr/trunk/strings/apr_snprintf.c (original)
+++ apr/apr/trunk/strings/apr_snprintf.c Tue Jul 11 07:12:29 2006
@@ -1360,7 +1360,7 @@
     if (len != 0) {
         *vbuff.curpos = '\0';
     }
-    return (cc == -1) ? (int)len : cc;
+    return (cc == -1) ? (int)len - 1 : cc;
 }
 
 
@@ -1383,5 +1383,5 @@
     if (len != 0) {
         *vbuff.curpos = '\0';
     }
-    return (cc == -1) ? (int)len : cc;
+    return (cc == -1) ? (int)len - 1 : cc;
 }

Modified: apr/apr/trunk/test/teststr.c
URL: http://svn.apache.org/viewvc/apr/apr/trunk/test/teststr.c?rev=420858&r1=420857&r2=420858&view=diff
==============================================================================
--- apr/apr/trunk/test/teststr.c (original)
+++ apr/apr/trunk/test/teststr.c Tue Jul 11 07:12:29 2006
@@ -363,6 +363,26 @@
     ABTS_TRUE(tc, ret[1] == 'Z');
 }
 
+static void snprintf_overflow(abts_case *tc, void *data)
+{
+    char buf[4];
+    int rv;
+    
+    buf[2] = '4';
+    buf[3] = '2';
+
+    rv = apr_snprintf(buf, 2, "%s", "a");
+    ABTS_INT_EQUAL(tc, 1, rv);
+
+    rv = apr_snprintf(buf, 2, "%s", "abcd");
+    ABTS_INT_EQUAL(tc, 1, rv);
+
+    ABTS_STR_EQUAL(tc, buf, "a");
+
+    /* Check the buffer really hasn't been overflowed. */
+    ABTS_TRUE(tc, buf[2] == '4' && buf[3] == '2');
+}
+
 abts_suite *teststr(abts_suite *suite)
 {
     suite = ADD_SUITE(suite)
@@ -379,6 +399,7 @@
     abts_run_test(suite, overflow_strfsize, NULL);
     abts_run_test(suite, string_strfsize, NULL);
     abts_run_test(suite, string_cpystrn, NULL);
+    abts_run_test(suite, snprintf_overflow, NULL);
 
     return suite;
 }



Mime
View raw message