[STDCXX-524] buffer overflow in test 22.locale.time.get.cpp (make_LC_TIME) - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Trivial
Resolution: Fixed
Affects Version/s: 4.1.2, 4.1.3, 4.1.4
Fix Version/s: 4.2.1
Component/s: Tests
Labels:
None

Patch Info:

Patch Available
Severity:
Runtime Error

Description

This test uses L_tmpnam to determine the length of a buffer used to store a filename string. Unfortunately, L_tmpnam is intended for use with tmpnam(), but the buffer is written to with std::sprintf(). When I run the test, the allocated buffer is 46 bytes, and the sprintf() call writes 58 bytes [this will vary based on user name and other variables]. Perhaps the buffer should be made larger, or some other method should be used to fill the buffer. Perhaps this would work.

#if !defined (_WIN32) && !defined (_WIN64)

define _PATH_MAX PATH_MAX
#else
define _PATH_MAX _MAX_PATH
#endif

char srcfname [_PATH_MAX]; // [L_tmpnam + 32];
std::sprintf (srcfname, "%s" SLASH "LC_TIME.src", locale_root);

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

stdcxx-524.patch
12/Dec/07 18:58
8 kB
Travis Vitek

Activity

People

Assignee:: Travis Vitek

Reporter:: Travis Vitek

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 17/Aug/07 22:22

Updated:: 19/Dec/07 21:50

Resolved:: 19/Dec/07 21:50