Document: N1672
Date: 2013年02月11日

Defect Report #4nn

Previous Defect Report < - > Next Defect Report


Submitter: Douglas Walls
Submission Date: 2013年02月11日
Source:WG14
Reference Document: N1672
Version: 1.0
Date:
Subject: runtime-constraint issue with sprintf family of routines in Annex K

Summary

snprintf_s (Annex K.3.5.3.5)

In the "Runtime-constraints" section, K.3.5.3.5p2 first sentence it says:

"Neither s nor format shall be a null pointer. n shall neither equal
zero nor be greater than RSIZE_MAX."

So,
if (n == 0 || n > RSIZE_MAX)
/* runtime constraints violation */

This is clear. However the next paragraph K.3.5.3.5p3, says this about "s":

"If there is a runtime-constraint violation, then if s is not a null
pointer and n is greater than zero and less than RSIZE_MAX, then the
snprintf_s function sets s[0] to the null character."

So, it takes action when (n < RSIZE_MAX)

if (s != NULL && n > 0 && n < RSIZE_MAX)
s[0] = '0円';

Question here is, what if n equals RSIZE_MAX? Should we still reset
s[0]?

If I were to say this looks like a typo, would WG14 agree with me?

That is the text of K.3.5.3.5p3 should be:

If there is a runtime-constraint violation, then if s is not a null
pointer and n is greater than zero and not greater than RSIZE_MAX, then the
snprintf_s function sets s[0] to the null character.

This issue applies to all the sprintf family of routines in Annex K

Suggested Technical Corrigendum

snprintf_s
Replace K.3.5.3.5p3 with:

If there is a runtime-constraint violation, then if s is not a null
pointer and n is greater than zero and not greater than RSIZE_MAX, then the
snprintf_s function sets s[0] to the null character.

sprintf_s
Replace K.3.5.3.6p3 with:

If there is a runtime-constraint violation, then if s is not a null
pointer and n is greater than zero and not greater than RSIZE_MAX, then the
sprintf_s function sets s[0] to the null character.

vsnprintf_s
Replace K.3.5.3.12p3 with:

If there is a runtime-constraint violation, then if s is not a null
pointer and n is greater than zero and not greater than RSIZE_MAX, then the
vsnprintf_s function sets s[0] to the null character.

vsprintf_s
Replace K.3.5.3.13p3 with:

If there is a runtime-constraint violation, then if s is not a null
pointer and n is greater than zero and not greater than RSIZE_MAX, then the
vsprintf_s function sets s[0] to the null character.


Previous Defect Report < - > Next Defect Report

AltStyle によって変換されたページ (->オリジナル) /