apr-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeff Trawick <traw...@attglobal.net>
Subject Re: cvs commit: apr/strings apr_strings.c
Date Tue, 29 Jun 2004 01:25:15 GMT
wrowe@apache.org wrote:
> wrowe       2004/06/28 11:09:16
> 
>   Modified:    strings  Tag: APR_0_9_BRANCH apr_strings.c
>   Log:
>     Avoid any edge case or clib bug that might result in a string
>     overflow of the fixed 5-byte buffer for our size function.
>     Returns the '****' string when the buffer would overflow.
>     Backport of rev 1.47
>   
>   Reviewed by: trawick

reviewed but not approved ;)

it still has the same bug (apr_snprintf() doesn't return < 0 either)

>   Index: apr_strings.c
>   ===================================================================
>   RCS file: /home/cvs/apr/strings/apr_strings.c,v
>   retrieving revision 1.42.2.2
>   retrieving revision 1.42.2.3
>   diff -u -r1.42.2.2 -r1.42.2.3
>   --- apr_strings.c	4 Apr 2004 15:21:08 -0000	1.42.2.2
>   +++ apr_strings.c	28 Jun 2004 18:09:16 -0000	1.42.2.3
>   @@ -429,7 +429,8 @@
>            return strcpy(buf, "  - ");
>        }
>        if (size < 973) {
>   -        sprintf(buf, "%3d ", (int) size);
>   +        if (apr_snprintf(buf, 5, "%3d ", (int) size) < 0)

does not occur...  apr_snprintf would return the number of bytes stored in case 
  of an overflow


Mime
View raw message