From c4582f93a263bea534288e7f7ad8937405964cd4 Mon Sep 17 00:00:00 2001 From: Michal Rokos Date: Wed, 5 Mar 2008 16:46:13 +0100 Subject: Add compat/snprintf.c for systems that return bogus Some systems (namely HPUX and Windows) return -1 when maxsize in snprintf() and in vsnprintf() is reached. So replace snprintf() and vsnprintf() functions with our own ones that return correct value upon overflow. [jc: verified that review comments by J6t have been incorporated, and tightened the check to verify the resulting buffer contents, suggested by Wayne Davison] Signed-off-by: Michal Rokos Signed-off-by: Junio C Hamano --- Makefile | 8 ++++++++ compat/snprintf.c | 40 ++++++++++++++++++++++++++++++++++++++++ config.mak.in | 1 + configure.ac | 34 ++++++++++++++++++++++++++++++++++ git-compat-util.h | 9 +++++++++ 5 files changed, 92 insertions(+) create mode 100644 compat/snprintf.c diff --git a/Makefile b/Makefile index ca5aad963c..6af7132853 100644 --- a/Makefile +++ b/Makefile @@ -3,6 +3,10 @@ all:: # Define V=1 to have a more verbose compile. # +# Define SNPRINTF_RETURNS_BOGUS if your are on a system which snprintf() +# or vsnprintf() return -1 instead of number of characters which would +# have been written to the final string if enough space had been available. +# # Define FREAD_READS_DIRECTORIES if your are on a system which succeeds # when attempting to read from an fopen'ed directory. # @@ -629,6 +633,10 @@ endif ifdef NO_C99_FORMAT BASIC_CFLAGS += -DNO_C99_FORMAT endif +ifdef SNPRINTF_RETURNS_BOGUS + COMPAT_CFLAGS += -DSNPRINTF_RETURNS_BOGUS + COMPAT_OBJS += compat/snprintf.o +endif ifdef FREAD_READS_DIRECTORIES COMPAT_CFLAGS += -DFREAD_READS_DIRECTORIES COMPAT_OBJS += compat/fopen.o diff --git a/compat/snprintf.c b/compat/snprintf.c new file mode 100644 index 0000000000..dbfc2d6b6e --- /dev/null +++ b/compat/snprintf.c @@ -0,0 +1,40 @@ +#include "../git-compat-util.h" + +#undef vsnprintf +int git_vsnprintf(char *str, size_t maxsize, const char *format, va_list ap) +{ + char *s; + int ret; + + ret = vsnprintf(str, maxsize, format, ap); + if (ret != -1) + return ret; + + s = NULL; + if (maxsize < 128) + maxsize = 128; + + while (ret == -1) { + maxsize *= 4; + str = realloc(s, maxsize); + if (! str) + break; + s = str; + ret = vsnprintf(str, maxsize, format, ap); + } + free(s); + return ret; +} + +int git_snprintf(char *str, size_t maxsize, const char *format, ...) +{ + va_list ap; + int ret; + + va_start(ap, format); + ret = git_vsnprintf(str, maxsize, format, ap); + va_end(ap); + + return ret; +} + diff --git a/config.mak.in b/config.mak.in index ee6c33df03..8e1cd5f03d 100644 --- a/config.mak.in +++ b/config.mak.in @@ -46,3 +46,4 @@ NO_MKDTEMP=@NO_MKDTEMP@ NO_ICONV=@NO_ICONV@ OLD_ICONV=@OLD_ICONV@ NO_DEFLATE_BOUND=@NO_DEFLATE_BOUND@ +SNPRINTF_RETURNS_BOGUS=@SNPRINTF_RETURNS_BOGUS@ diff --git a/configure.ac b/configure.ac index 85d7ef570d..287149d304 100644 --- a/configure.ac +++ b/configure.ac @@ -326,6 +326,40 @@ else NO_C99_FORMAT= fi AC_SUBST(NO_C99_FORMAT) +# +# Define SNPRINTF_RETURNS_BOGUS if your are on a system which snprintf() +# or vsnprintf() return -1 instead of number of characters which would +# have been written to the final string if enough space had been available. +AC_CACHE_CHECK([whether snprintf() and/or vsnprintf() return bogus value], + [ac_cv_snprintf_returns_bogus], +[ +AC_RUN_IFELSE( + [AC_LANG_PROGRAM([AC_INCLUDES_DEFAULT + #include "stdarg.h" + + int test_vsnprintf(char *str, size_t maxsize, const char *format, ...) + { + int ret; + va_list ap; + va_start(ap, format); + ret = vsnprintf(str, maxsize, format, ap); + va_end(ap); + return ret; + }], + [[char buf[6]; + if (test_vsnprintf(buf, 3, "%s", "12345") != 5 + || strcmp(buf, "12")) return 1; + if (snprintf(buf, 3, "%s", "12345") != 5 + || strcmp(buf, "12")) return 1]])], + [ac_cv_snprintf_returns_bogus=no], + [ac_cv_snprintf_returns_bogus=yes]) +]) +if test $ac_cv_snprintf_returns_bogus = yes; then + SNPRINTF_RETURNS_BOGUS=UnfortunatelyYes +else + SNPRINTF_RETURNS_BOGUS= +fi +AC_SUBST(SNPRINTF_RETURNS_BOGUS) ## Checks for library functions. diff --git a/git-compat-util.h b/git-compat-util.h index 2a40703c85..9d04faefb8 100644 --- a/git-compat-util.h +++ b/git-compat-util.h @@ -209,6 +209,15 @@ void *gitmemmem(const void *haystack, size_t haystacklen, extern FILE *git_fopen(const char*, const char*); #endif +#ifdef SNPRINTF_RETURNS_BOGUS +#define snprintf git_snprintf +extern int git_snprintf(char *str, size_t maxsize, + const char *format, ...); +#define vsnprintf git_vsnprintf +extern int git_vsnprintf(char *str, size_t maxsize, + const char *format, va_list ap); +#endif + #ifdef __GLIBC_PREREQ #if __GLIBC_PREREQ(2, 1) #define HAVE_STRCHRNUL -- cgit v1.2.1