[chbot] snprintf
Charles Manning
cdhmanning at gmail.com
Tue Jul 30 22:35:25 BST 2024
There is a solid reason to use snprintf rather than sprintf.
snprintf will prevent writing off the end of the buffer.
char str[5];
sprintf(str,"%s", "This is a long string which will overwrite the end of
the buffer and cause unintended consequences");
snprints(str, sizeof(str),"%s", "This is a long string but it will be
truncated to fit in the buffer so no unintended consequences");
On Wed, Jul 31, 2024 at 7:16 AM Simeon Pilgrim <simeon.pilgrim at gmail.com>
wrote:
> Ok, good point, if we ignore the history of the language. Ignore the
> warning and what itis pointing. Heck let ignore the fact you read a terse
> man page.
>
> Why are you use snprintf, instead of sprintf, and what did you want
> tohappen, because the all the non string saffety trick are valid formatting
> rules. Aka use %*s and two variables
>
> On 30 Jul 2024, at 11:55 PM, Robin Gilks <gb7ipd at gmail.com> wrote:
>
>
> Absolutely correct
> As I quoted previously from the man page
>
> *The functions snprintf() and vsnprintf() write at most size bytes
> (including the terminating null byte ('\0')) to str.*Note there is no
> qualification of what 'size' is referring to, only that it is a restriction
> of what is written, nothing to indicate that it's the length of str.
> That's the whole problem - sloppy specifications!
>
> I have a standard question I always ask of people who are specifying
> anything: "what colour should it be?"
> This avoids the exclamation from the developer one day before delivery of:
> "colour, colour - nobody told us it had to have a colour!!"
>
>
> On Tue, Jul 30, 2024 at 10:00 PM Bevin Brett <bevin_brett at hotmail.com>
> wrote:
>
>> Getting rid of the struct and the indexing, what you have is
>>
>> char ssid[30];
>> char buf[100]
>>
>> snprintf (buf, sizeof (ssid), "SSID %s\n", ssid);
>>
>> which is a request to write 5 chars ("SSID ") followed by any number of
>> chars ending in a NUL (perhaps overrunning the end of ssid if there are no
>> NUL in it) followed by \n and a trailing NUL into the first upto 30
>> characters of buf. The warning is assuming (incorrectly) that ssid
>> will contain less than 30 non-NULL characters, hence decides may need upto
>> 37 characters (should have been 36) (5 + 29 + 1 + 1) and you have only
>> supplied 30
>>
>> /Bevin
>> _______________________________________________
>> Chchrobotics mailing list Chchrobotics at lists.ourshack.com
>> https://lists.ourshack.com/mailman/listinfo/chchrobotics
>> Mail Archives: http://lists.ourshack.com/pipermail/chchrobotics/
>> Meetings usually 3rd Monday each month. See http://kiwibots.org for
>> venue, directions and dates.
>> When replying, please edit your Subject line to reflect new subjects.
>>
> _______________________________________________
> Chchrobotics mailing list Chchrobotics at lists.ourshack.com
> https://lists.ourshack.com/mailman/listinfo/chchrobotics
> Mail Archives: http://lists.ourshack.com/pipermail/chchrobotics/
> Meetings usually 3rd Monday each month. See http://kiwibots.org for
> venue, directions and dates.
> When replying, please edit your Subject line to reflect new subjects.
>
> _______________________________________________
> Chchrobotics mailing list Chchrobotics at lists.ourshack.com
> https://lists.ourshack.com/mailman/listinfo/chchrobotics
> Mail Archives: http://lists.ourshack.com/pipermail/chchrobotics/
> Meetings usually 3rd Monday each month. See http://kiwibots.org for
> venue, directions and dates.
> When replying, please edit your Subject line to reflect new subjects.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ourshack.com/pipermail/chchrobotics/attachments/20240731/b7fabfb4/attachment-0001.html>
More information about the Chchrobotics
mailing list