stdcxx-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Martin Sebor (JIRA)" <j...@apache.org>
Subject [jira] Commented: (STDCXX-524) buffer overflow in test 22.locale.time.get.cpp(make_LC_TIME)
Date Sat, 08 Sep 2007 00:17:31 GMT

    [ https://issues.apache.org/jira/browse/STDCXX-524?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12525873
] 

Martin Sebor commented on STDCXX-524:
-------------------------------------

Right, the files don't need to be under locale_root. They're there for convenience, so that
we don't have to bother creating a temporary name for each and worry about forgetting to delete
(the driver does it automatically when the test exits).

It now occurs to me that there's another reason why the files are under locale_root and don't
get deleted in the function: to make debugging easier. When stepping through the test to understand
why certain things failed it was convenient to be able to see the locale definition files
for the locales created by the test.

Btw., to save time spent running the localedef utility, the make_LC_TIME() function is also
supposed to do any real work only the first time it's called and simply return the name of
the generated locale each subsequent time. That's the purpose of the locnamebuf static variable.
Unfortunately, this doesn't seem to be finished. It would be nice to make sure it does.

So, in summary I would prefer to keep the temporary files under locale_root and go with your
last alternative.

> buffer overflow in test 22.locale.time.get.cpp(make_LC_TIME)
> ------------------------------------------------------------
>
>                 Key: STDCXX-524
>                 URL: https://issues.apache.org/jira/browse/STDCXX-524
>             Project: C++ Standard Library
>          Issue Type: Bug
>          Components: Tests
>    Affects Versions: 4.1.2, 4.1.3, 4.1.4
>            Reporter: Travis Vitek
>            Assignee: Travis Vitek
>            Priority: Trivial
>             Fix For: 4.2.1
>
>
> This test uses L_tmpnam to determine the length of a buffer used to store a filename
string. Unfortunately, L_tmpnam is intended for use with tmpnam(), but the buffer is written
to with std::sprintf(). When I run the test, the allocated buffer is 46 bytes, and the sprintf()
call writes 58 bytes [this will vary based on user name and other variables]. Perhaps the
buffer should be made larger, or some other method should be used to fill the buffer. Perhaps
this would work.
> #if !defined (_WIN32) && !defined (_WIN64)
> #  define _PATH_MAX PATH_MAX
> #else
> #  define _PATH_MAX _MAX_PATH
> #endif
>     char srcfname [_PATH_MAX]; // [L_tmpnam + 32];
>     std::sprintf (srcfname, "%s" SLASH "LC_TIME.src", locale_root);

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message