From: Thomas Rast <trast@student.ethz.ch>
To: Junio C Hamano <gitster@pobox.com>
Cc: git@vger.kernel.org, Jeff King <peff@peff.net>,
Alexander Potashev <aspotashev@gmail.com>,
Johannes Sixt <johannes.sixt@telecom.at>
Subject: Re: What's cooking in git.git (Jun 2009, #01; Fri, 12)
Date: Fri, 12 Jun 2009 12:04:35 +0200 [thread overview]
Message-ID: <200906121204.37752.trast@student.ethz.ch> (raw)
In-Reply-To: <7v1vppbyud.fsf@alter.siamese.dyndns.org>
Junio C Hamano wrote:
> * tr/die_errno (Mon Jun 8 23:02:20 2009 +0200) 4 commits
> - Use die_errno() instead of die() when checking syscalls
> - Convert existing die(..., strerror(errno)) to die_errno()
> - die_errno(): double % in strerror() output just in case
> - Introduce die_errno() that appends strerror(errno) to die()
I had a look at your
[526abe63] die_errno(): double % in strerror() output just in case
and it seems it doesn't cover all corner cases:
> @@ -64,8 +64,20 @@ void die_errno(const char *fmt, ...)
> {
> va_list params;
> char fmt_with_err[1024];
> -
> - snprintf(fmt_with_err, sizeof(fmt_with_err), "%s: %s", fmt, strerror(errno));
> + char str_error[256], *err;
> + int i, j;
> +
> + err = strerror(errno);
> + for (i = j = 0; err[i] && j < sizeof(str_error) - 1; ) {
> + if ((str_error[j++] = err[i++]) != '%')
> + continue;
If we copied a '%' here, but filled 'str_error', then
> + if (j < sizeof(str_error) - 1)
> + str_error[j++] = '%';
> + else
> + break;
we 'break' here, instead of tacking on another '%'. This subsequently
leaves a single trailing '%' at the end of the string. A possible fix
would be to use
+ else {
+ j--;
+ break;
+ }
instead, so that the terminator ends up on the second-to-last position
in the string, overwriting the lonely '%'.
> + }
> + str_error[j] = 0;
> + snprintf(fmt_with_err, sizeof(fmt_with_err), "%s: %s", fmt, str_error);
>
> va_start(params, fmt);
> die_routine(fmt_with_err, params);
I cannot find an explicit mention that trailing '%'s are bad, and my
printf() just ignores them, but 'man 3p printf' (showing a "POSIX
Programmer's Manual" entry that I can't seem to find on the web...) at
least states
[after explaining all conversion specifiers]
If a conversion specification does not match one of the above forms,
the behavior is undefined. If any argument is not the correct type
for the corresponding conversion specification, the behavior is
undefined.
[I still like v2 better because it's far less complicated...]
--
Thomas Rast
trast@{inf,student}.ethz.ch
next prev parent reply other threads:[~2009-06-12 10:04 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-06-12 9:11 What's cooking in git.git (Jun 2009, #01; Fri, 12) Junio C Hamano
2009-06-12 10:04 ` Thomas Rast [this message]
2009-06-12 14:19 ` Michael J Gruber
2009-06-12 18:38 ` Brandon Casey
2009-06-12 19:40 ` Junio C Hamano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200906121204.37752.trast@student.ethz.ch \
--to=trast@student.ethz.ch \
--cc=aspotashev@gmail.com \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=johannes.sixt@telecom.at \
--cc=peff@peff.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox