This is the mail archive of the mailing list for the eCos project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

[Bug 1001490] C99 snprintf() does not include terminated null intruncated strings

Please do not reply to this email. Use the web interface provided at:

--- Comment #6 from Bernd Edlinger <> 2012-08-09 08:49:57 BST ---
(In reply to comment #5)
> It's okay for ("%.18f\n", 3.14e-11)
>    0.000000000031400000

but not quite OK for these:
("%.18f\n", 3.1415926E-11)
eCos: "0.000000000031400000"
glib: "0.000000000031415926"

("%.18f\n", DBL_MAX*2)
eCos: "inf000"
glib: "inf"

> But the padding/zeroing will be wrong for %e, %E, when requested prec >

but also for %g: this does work like %e, when the value is >=10^prec or <=10^-4

> Well, it looks like my fix (Suzuki did talk about the same point which I
> found in GDB), but my workaround was
>         if (prec > MAXFRACT) {
>                 if ((ch == 'f' && ch == 'F') || (flags&ALT)) {
>                         fpprec = prec - MAXFRACT;
>                         prec = MAXFRACT;
>                 }
>         } else if (prec == -1)

ok, but with this patch there will be a crash in printf("%.999e", x)

limiting prec MAXFRACT helps to avoid the buffer overrun in "cvt"
however with DBL_MAX the buffer size BUF 2 characters too small as I said.

I tried to solve it this way:

diff -Nur
    2009-08-20 18:09:18.000000000 +0200
+++ ecos/packages/language/c/libc/stdio/current/src/output/vfnprintf.cxx      
2012-08-07 10:16:48.809576300 +0200
@@ -107,7 +107,7 @@
 # define MAXEXP    DBL_MAX_10_EXP

-# define BUF             (MAXEXP+MAXFRACT+1)     /* + decimal point */
+# define BUF             (MAXEXP+MAXFRACT+3)     /* + decimal point + rounding
 # define DEFPREC         6

 static int
@@ -420,7 +420,7 @@
                          * zeroes later, so buffer size stays rational.
                         if (prec > MAXFRACT) {
-                                if ((ch != 'g' && ch != 'G') || (flags&ALT))
+                                if (ch == 'f' || ch == 'F')
                                         fpprec = prec - MAXFRACT;
                                 prec = MAXFRACT;
                         } else if (prec == -1)

This way there are no buffer overruns, and the added zeros are at least
never in the exponent. That would at least be a interim solution...

But I start to think that the "cvt" function will need a complete re-write
for strict conformance. And another point would be, that when you look at
the vfnprintf function in the assembler (ARM9, eCosCentric GNU tools 4.3.2-sw)

vfnprintf:stmdb   r13!,{r4-r11,r14}
          sub     r13,r13,#0x30C

This function needs 816 bytes on the stack,
even if you do not use any %f formats!

Maybe reducing this number could be worth the effort.


Configure bugmail:
------- You are receiving this mail because: -------
You are the assignee for the bug.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]