From mboxrd@z Thu Jan 1 00:00:00 1970 From: David Vrabel Subject: Re: [PATCH] Convert hvmloader sprintf() into snprintf() Date: Tue, 29 Nov 2011 14:19:36 +0000 Message-ID: <4ED4E9F8.90208@citrix.com> References: <4ED4E4C1.10605@citrix.com> <291EDFCB1E9E224A99088639C4762022B5988E4F0C@LONPMAILBOX01.citrite.net> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <291EDFCB1E9E224A99088639C4762022B5988E4F0C@LONPMAILBOX01.citrite.net> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xensource.com Errors-To: xen-devel-bounces@lists.xensource.com To: Paul Durrant Cc: "xen-devel@lists.xensource.com" , David Vrabel List-Id: xen-devel@lists.xenproject.org On 29/11/11 14:12, Paul Durrant wrote: >> -----Original Message----- >> From: David Vrabel >> Sent: 29 November 2011 13:57 >> To: Paul Durrant >> Cc: xen-devel@lists.xensource.com >> Subject: Re: [Xen-devel] [PATCH] Convert hvmloader sprintf() into >> snprintf() >> > [snip] >>> +static void __copy(void *arg, char c) >>> { >>> - **buf = c; >>> - (*buf)++; >>> + struct __copy_context *ctxt = arg; >>> + >>> + ctxt->emitted++; >>> + >>> + if (ctxt->remaining == 0) >>> + return; >>> + >>> + *(ctxt->ptr++) = c; >>> + --ctxt->remaining; >>> } >>> >>> -int sprintf(char *buf, const char *fmt, ...) >>> +int snprintf(char *buf, size_t size, const char *fmt, ...) >>> { >>> va_list ap; >>> + struct __copy_context ctxt; >>> + >>> + ctxt.ptr = buf; >>> + ctxt.emitted = 0; >>> + ctxt.remaining = size; >>> >>> va_start(ap, fmt); >>> - _doprint(__copy, &buf, fmt, ap); >>> + _doprint(__copy, &ctxt, fmt, ap); >>> va_end(ap); >>> >>> - *buf = '\0'; >>> - return 0; >>> + if (ctxt.remaining != 0) >>> + *ctxt.ptr = '\0'; >>> + >>> + return ctxt.emitted; >>> } >> >> This doesn't return the correct value according the C99. 
From the
>> snprintf() man page:
>>
>> "The functions snprintf() and vsnprintf() do not write more than
>> size bytes (including the trailing '\0'). If the output was
>> truncated due to this limit then the return value is the number of
>> characters (not including the trailing '\0') which would have been
>> written to the final string if enough space had been available.
>> Thus, a return value of size or more means that the output
>> was truncated."
>>
>
> Actually, reading the code again, it is correct isn't it?
> ctxt.emitted is bumped for every character emitted by _doprint()
> regardless of whether it makes it into the buffer or not so in an
> overflow case the value returned will be the number of characters
> which would have been written not including the nul terminator.

Er. Yes, it is correct. My mistake.

David
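
Review bot: in snprintf(), the terminator is written only when ctxt.remaining != 0, so a truncated result is left without a trailing '\0'. ctxt.remaining starts at size, which lets __copy() fill all size bytes with characters and leaves no room for the terminator, whereas the man page text quoted in this thread counts the trailing '\0' within size. Suggest reserving one byte, for example starting ctxt.remaining at size - 1 when size is non-zero, and then writing *ctxt.ptr = '\0' whenever size is non-zero, so a caller that treats the buffer as a string after truncation does not read past its end.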
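
Review bot: in __copy(), a comment is missing on why ctxt->emitted++ sits before the ctxt->remaining == 0 early return. That ordering is what makes snprintf() return the length that would have been written rather than the length actually stored, and it was misread once during this review. A one-line comment above the increment stating that emitted counts every character from _doprint(), stored or not, would make the intent clear to the next reader.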