compel: std_vprint_num returns a null-terminated string

Submitted by Joel Nider on May 7, 2018, 1:36 p.m.

Details

Message ID 1525700183-60272-1-git-send-email-joeln@il.ibm.com
State New
Series "compel: std_vprint_num returns a null-terminated string"
Headers show

Commit Message

Joel Nider May 7, 2018, 1:36 p.m.
This function is an analogue to vsprintf(), and is used in very much the
same way. The caller expects the modified string pointer to be pointing to
a null-terminated string.

Signed-off-by: Joel Nider <joeln@il.ibm.com>
---
 compel/plugins/std/log.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

Patch hide | download patch | download mbox

diff --git a/compel/plugins/std/log.c b/compel/plugins/std/log.c
index 2d622d6..4f2e9e7 100644
--- a/compel/plugins/std/log.c
+++ b/compel/plugins/std/log.c
@@ -143,6 +143,7 @@  int std_vprint_num(char *buf, int blen, int num, char **ps)
 	char *s;
 
 	s = &buf[blen - 1];
+	*s-- = 0; /* make sure the returned string is NULL terminated */
 
 	if (num < 0) {
 		neg = 1;
@@ -166,7 +167,7 @@  int std_vprint_num(char *buf, int blen, int num, char **ps)
 done:
 	s++;
 	*ps = s;
-	return blen - (s - buf);
+	return blen - (s - buf) - 1;
 }
 
 static void print_num(int num, struct simple_buf *b)

Comments

Andrei Vagin May 7, 2018, 9:21 p.m.
On Mon, May 07, 2018 at 04:36:23PM +0300, Joel Nider wrote:
> This function is an analogue to vsprintf(), and is used in very much the
> same way. The caller expects the modified string pointer to be pointing to
> a null-terminated string.
> 
> Signed-off-by: Joel Nider <joeln@il.ibm.com>
> ---
>  compel/plugins/std/log.c | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
> 
> diff --git a/compel/plugins/std/log.c b/compel/plugins/std/log.c
> index 2d622d6..4f2e9e7 100644
> --- a/compel/plugins/std/log.c
> +++ b/compel/plugins/std/log.c
> @@ -143,6 +143,7 @@ int std_vprint_num(char *buf, int blen, int num, char **ps)
>  	char *s;
>  
>  	s = &buf[blen - 1];
> +	*s-- = 0; /* make sure the returned string is NULL terminated


I think you need to fix print_num for this case. it gives a buffer which
length is only 11 bytes and after these changes it will be not enough.

>  
>  	if (num < 0) {
>  		neg = 1;
> @@ -166,7 +167,7 @@ int std_vprint_num(char *buf, int blen, int num, char **ps)
>  done:
>  	s++;
>  	*ps = s;
> -	return blen - (s - buf);
> +	return blen - (s - buf) - 1;
>  }
>  
>  static void print_num(int num, struct simple_buf *b)
> -- 
> 2.7.4
>