[chbot] Weirdness in parameter interpretation in C lib function

Robin Gilks gb7ipd at gmail.com
Tue Jul 30 01:26:20 BST 2024


Wow - I've looked at multiple man pages and that's the only one that
specifies that 'size' refers to the destination length.

I fully understand now what the warning is referring to - if 'size' was the
format string length (as implied by most documentation) it made no sense at
all.

Well done gang ;)


On Tue, Jul 30, 2024 at 11:41 AM Stuart Brown <stuartbrown2 at gmail.com>
wrote:

> It all depends on what documentation you look at. For example
> https://www.w3schools.com/c/ref_stdio_snprintf.php states it is the size
> of the output buffer. The point of it is to avoid buffer overruns, so size
> of output buffer makes sense.
>
> If you want to use size of data, then you need to account for the extra
> bytes you are adding in the format string. The SSID is 30, and you add
> "SSID" a space and a new line. This makes 36 bytes, plus the null
> terminator added by the function. So your second argument must be "sizeof
> (scandata[index].ssid) + 7". But then the onus is on you to ensure that
> 'buf' is large enough.
>
> If instead you use 'snprintf(buf, sizeof(buf), "SSID %s\n",scandata[index].ssid);'
> then you need to worry, the compiler will
> catch the situation where the data will overflow the buffer.
>
> On Tue, 30 Jul 2024 at 11:21, Robin Gilks <gb7ipd at gmail.com> wrote:
>
>> You make the same assumption as the library coder - that 'size' is the
>> length of the output buffer. The man page says otherwise
>>
>> *The functions snprintf() and vsnprintf() write at most size bytes
>> (including the terminating null byte ('\0')) to str.*
>>
>>
>> *This is defining the amount written, not the maximum the outbuffer can
>> hold - nowhere does it say that 'size' is the length of 'str'*
>>
>>
>>
>> On Tue, Jul 30, 2024 at 11:12 AM Simeon Pilgrim <simeon.pilgrim at gmail.com>
>> wrote:
>>
>>> ```
>>> char* test(uint8_t index)
>>> {
>>> #define DEST_BUF_SIZE 100
>>>
>>>   if (index < NUMRESULTS) {
>>>     static char buf[DEST_BUF_SIZE];
>>>
>>>     snprintf(buf, DEST_BUF_SIZE, "SSID %s\n", scandata[index].ssid);
>>>     return buf;
>>>   }
>>>   return "INVALID INDEX";
>>> }
>>> ```
>>>
>>> On Tue, 30 Jul 2024 at 11:05, Simeon Pilgrim <simeon.pilgrim at gmail.com>
>>> wrote:
>>>
>>>> You have provided a pointer (to memory), AND you have declared it 30
>>>> bytes long. This is what YOU HAVE done. The compiler is HELPING YOU by
>>>> pointing out 37 > 30, which it is.
>>>>
>>>> If you want the compiler to help you correctly, tell the compiler the
>>>> length of the data you have, which is 100.
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> On Tue, 30 Jul 2024 at 10:58, Robin Gilks <gb7ipd at gmail.com> wrote:
>>>>
>>>>> But I've provided 100 bytes, not 30!!
>>>>>
>>>>> On Tue, Jul 30, 2024 at 10:40 AM Simeon Pilgrim
>>>>> <simeon.pilgrim at gmail.com> wrote:
>>>>> >
>>>>> > The second parameter should be the size of the destination buffer, thus the code should be:
>>>>> >
>>>>> > snprintf (buf, 100, "SSID %s\n",
>>>>> >
>>>>> > or
>>>>> >
>>>>> > snprintf (buf, sizeof(buf), "SSID %s\n",
>>>>> >
>>>>> > Your format string is 7 tokens (6 + zero termination) + the 30 byte string ssid, which is larger than 30 you have provided.
>>>>> >
>>>>> > The snprintf functions are "safe truncation" functions, not handy dandy truncation utilities, thus the warning that you might have truncation.
>>>>> >
>>>>> > On Tue, 30 Jul 2024 at 10:27, Robin Gilks <gb7ipd at gmail.com> wrote:
>>>>> >>
>>>>> >> Since there are a few C programmers in the group I thought I'd ask
>>>>> >> this (interesting?) question
>>>>> >>
>>>>> >> Here is a bit of sample code to illustrate:
>>>>> >>
>>>>> >>
>>>>> >> ----------------------------------------------------------------------------
>>>>> >> #include <stdio.h>
>>>>> >> #include <stdint.h>
>>>>> >>
>>>>> >>
>>>>> >> typedef struct
>>>>> >> {
>>>>> >> char ssid[30];
>>>>> >> int8_t rssi;
>>>>> >> } ScanResult;
>>>>> >>
>>>>> >> #define NUMRESULTS 50 // how many tracked simultaneously
>>>>> >>
>>>>> >> static ScanResult scandata[NUMRESULTS];
>>>>> >>
>>>>> >> int
>>>>> >> main (void)
>>>>> >> {
>>>>> >> }
>>>>> >>
>>>>> >>
>>>>> >> char * test (uint8_t index)
>>>>> >> {
>>>>> >> static char buf[100];
>>>>> >>
>>>>> >> snprintf (buf, sizeof (scandata[index].ssid), "SSID %s\n", scandata[index].ssid);
>>>>> >> return buf;
>>>>> >>
>>>>> >> }
>>>>> >>
>>>>> >> ----------------------------------------------------------------------------
>>>>> >> Save as test.c; compile with gcc test.c
>>>>> >>
>>>>> >> The warning indicates that the destination buffer may be too small
>>>>> >>
>>>>> >> test.c: In function ‘test’:
>>>>> >> test.c:25:56: warning: ‘%s’ directive output may be truncated writing up to 29 bytes into a region of size 25 [-Wformat-truncation=]
>>>>> >>    25 |    snprintf (buf, sizeof (scandata[index].ssid), "SSID %s\n", scandata[index].ssid);
>>>>> >>       |                                                        ^~
>>>>> >> test.c:25:4: note: ‘snprintf’ output between 7 and 36 bytes into a destination of size 30
>>>>> >>    25 |    snprintf (buf, sizeof (scandata[index].ssid), "SSID %s\n", scandata[index].ssid);
>>>>> >>       |
>>>>> >>
>>>>> >> This appears to be treating the size parameter in the snprintf as being
>>>>> >> the size of the output buffer 'buf' (which is 100 bytes long) but
>>>>> >> surely it should be applying the restriction on the format string that
>>>>> >> includes scandata[index].ssid (which is 30 bytes long)
>>>>> >>
>>>>> >> Am I just having brain fade or is that just fundamentally wrong?
>>>>> >>
>>>>> >> --
>>>>> >> Robin Gilks
>>>>> >>
>>>>> >> _______________________________________________
>>>>> >> Chchrobotics mailing list Chchrobotics at lists.ourshack.com
>>>>> >> https://lists.ourshack.com/mailman/listinfo/chchrobotics
>>>>> >> Mail Archives: http://lists.ourshack.com/pipermail/chchrobotics/
>>>>> >> Meetings usually 3rd Monday each month. See http://kiwibots.org for venue, directions and dates.
>>>>> >> When replying, please edit your Subject line to reflect new subjects.
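
Added example, not part of the thread: a small check of the point the replies settle on, that the size argument of snprintf() bounds what is written to the destination and that the return value reports the length that was wanted. The helper `format_ssid`, the `SSID_FIELD` constant and the sample name are assumptions made for this illustration; it also uses `%.*s` so that a completely full 30-byte field with no terminating NUL is not read past its end, which goes one step beyond the thread.

```c
#include <stdio.h>
#include <string.h>

#define SSID_FIELD 30   /* same width as ssid[30] in the thread's ScanResult */

/* Hypothetical helper: formats "SSID <name>\n" into dst.
 * Returns 0 on success, 1 if the output was truncated, -1 on error.
 * *needed receives the length snprintf wanted to write (excluding NUL). */
static int format_ssid(char *dst, size_t dst_size,
                       const char ssid[SSID_FIELD], int *needed)
{
    /* %.*s caps the read at the field width, so a field that is full
     * and has no terminating NUL is not read past its end. */
    int n = snprintf(dst, dst_size, "SSID %.*s\n", SSID_FIELD, ssid);

    if (needed)
        *needed = n;
    if (n < 0)
        return -1;
    /* n >= dst_size means the result did not fit and was cut short. */
    return (size_t)n >= dst_size ? 1 : 0;
}

/* Constructed sample: a 29-character name, the longest that still
 * leaves room for the NUL in a 30-byte field. */
static const char sample_ssid[SSID_FIELD] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ012";

int main(void)
{
    char buf[100];
    int needed;

    /* Size of the destination: the whole line fits. */
    int rc = format_ssid(buf, sizeof buf, sample_ssid, &needed);
    printf("sizeof buf : rc=%d needed=%d stored=%zu\n", rc, needed, strlen(buf));

    /* Size of the source field (the call from the original post):
     * snprintf stops after 29 characters plus the NUL. */
    rc = format_ssid(buf, SSID_FIELD, sample_ssid, &needed);
    printf("sizeof ssid: rc=%d needed=%d stored=%zu\n", rc, needed, strlen(buf));
    return 0;
}
```
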