Bugs item #2671602, was opened at 2009-03-07 16:31
Message generated for change (Comment added) made by bagder
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=100976&aid=2671602&group_id=976

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
>Category: client module
Group: portability problem
Status: Open
>Resolution: Works For Me
Priority: 5
Private: No
Submitted By: Bill Egert (boogachamp)
>Assigned to: Daniel Stenberg (bagder)
Summary: ./src/main.c Overlapping data buffer 'dirbuildup'

Initial Comment:
Using curl 7.19.4

"If copying takes place between objects that overlap as a result of a call to
sprintf() or snprintf(), the results are undefined."
http://www.opengroup.org/onlinepubs/000095399/functions/printf.html

E.g. on line 5290 you have:
sprintf(dirbuildup,"%s%s%s",dirbuildup, DIR_CHAR, tempdir);

cppcheck 1.29 (https://sourceforge.net/projects/cppcheck/) yeilds:
[./src/main.c:5290]: (error) Overlapping data buffer dirbuildup

----------------------------------------------------------------------

>Comment By: Daniel Stenberg (bagder)
Date: 2009-03-08 00:52

Message:
This reports assume that we're using a sprintf() implementation anywhere
where this might be a problem.

However, curl uses the curlx_ printf setup from libcurl's source code base
so we can in fact know that we use the same implementation on all platforms
and thus I can't see how this is an actual bug in curl atm. Can you?

We should most likely change this code anyway to make it more obvious and
less relying on obscure features.

----------------------------------------------------------------------

You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=100976&aid=2671602&group_id=976
Received on 2009-03-08