buffer overflow in test 22.locale.time.get.cpp(make_LC_TIME)
------------------------------------------------------------
Key: STDCXX-524
URL: https://issues.apache.org/jira/browse/STDCXX-524
Project: C++ Standard Library
Issue Type: Bug
Components: Tests
Reporter: Travis Vitek
Priority: Trivial
This test uses L_tmpnam to determine the length of a buffer used to store a filename string.
Unfortunately, L_tmpnam is intended for use with tmpnam(), but the buffer is written to with
std::sprintf(). When I run the test, the allocated buffer is 46 bytes, and the sprintf() call
writes 58 bytes [this will vary based on user name and other variables]. Perhaps the buffer
should be made larger, or some other method should be used to fill the buffer. Perhaps this
would work.
#if !defined (_WIN32) && !defined (_WIN64)
# define _PATH_MAX PATH_MAX
#else
# define _PATH_MAX _MAX_PATH
#endif
char srcfname [_PATH_MAX]; // [L_tmpnam + 32];
std::sprintf (srcfname, "%s" SLASH "LC_TIME.src", locale_root);
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
|