Uploaded image for project: 'C++ Standard Library'
  1. C++ Standard Library
  2. STDCXX-524

buffer overflow in test 22.locale.time.get.cpp (make_LC_TIME)

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Trivial
    • Resolution: Fixed
    • Affects Version/s: 4.1.2, 4.1.3, 4.1.4
    • Fix Version/s: 4.2.1
    • Component/s: Tests
    • Labels:
      None
    • Patch Info:
      Patch Available
    • Severity:
      Runtime Error

      Description

      This test uses L_tmpnam to determine the length of a buffer used to store a filename string. Unfortunately, L_tmpnam is intended for use with tmpnam(), but the buffer is written to with std::sprintf(). When I run the test, the allocated buffer is 46 bytes, and the sprintf() call writes 58 bytes [this will vary based on user name and other variables]. Perhaps the buffer should be made larger, or some other method should be used to fill the buffer. Perhaps this would work.

      #if !defined (_WIN32) && !defined (_WIN64)

      1. define _PATH_MAX PATH_MAX
        #else
      2. define _PATH_MAX _MAX_PATH
        #endif

      char srcfname [_PATH_MAX]; // [L_tmpnam + 32];
      std::sprintf (srcfname, "%s" SLASH "LC_TIME.src", locale_root);

        Attachments

        1. stdcxx-524.patch
          8 kB
          Travis Vitek

          Activity

            People

            • Assignee:
              vitek Travis Vitek
              Reporter:
              vitek Travis Vitek
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: