incubator-stdcxx-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Travis Vitek (JIRA)" <j...@apache.org>
Subject [jira] Created: (STDCXX-524) buffer overflow in test 22.locale.time.get.cpp(make_LC_TIME)
Date Fri, 17 Aug 2007 22:22:30 GMT
buffer overflow in test 22.locale.time.get.cpp(make_LC_TIME)
------------------------------------------------------------

                 Key: STDCXX-524
                 URL: https://issues.apache.org/jira/browse/STDCXX-524
             Project: C++ Standard Library
          Issue Type: Bug
          Components: Tests
            Reporter: Travis Vitek
            Priority: Trivial


This test uses L_tmpnam to determine the length of a buffer used to store a filename string.
Unfortunately, L_tmpnam is intended for use with tmpnam(), but the buffer is written to with
std::sprintf(). When I run the test, the allocated buffer is 46 bytes, and the sprintf() call
writes 58 bytes [this will vary based on user name and other variables]. Perhaps the buffer
should be made larger, or some other method should be used to fill the buffer. Perhaps this
would work.

#if !defined (_WIN32) && !defined (_WIN64)
#  define _PATH_MAX PATH_MAX
#else
#  define _PATH_MAX _MAX_PATH
#endif

    char srcfname [_PATH_MAX]; // [L_tmpnam + 32];
    std::sprintf (srcfname, "%s" SLASH "LC_TIME.src", locale_root);



-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message