[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#7357: csplit: memory exhausted when using stdout / pipe instead of a
From: |
Eric Blake |
Subject: |
bug#7357: csplit: memory exhausted when using stdout / pipe instead of a file |
Date: |
Wed, 10 Nov 2010 11:49:58 -0700 |
User-agent: |
Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.12) Gecko/20101103 Fedora/1.0-0.33.b2pre.fc14 Lightning/1.0b3pre Mnenhy/0.8.3 Thunderbird/3.1.6 |
On 11/10/2010 11:40 AM, Paul Eggert wrote:
>> + unsigned int max_digit_string_len
>> + = (suffix
>> + ? max_out (suffix)
>> + : MAX (INT_STRLEN_BOUND (unsigned int), digits));
>
> That should be size_t, not unsigned int, since max_out
> returns a size_t, and it could return a value greater than
> UINT_MAX. For example, the user might run "csplit -b %4294967296d"
> and on a 64-bit host max_out will return UINTMAX + 1.
>
> While we're on the subject of undefined printf behavior, perhaps
> we should be rejecting any attempt to use a printf format like
> %4294967296d that uses a width or precision greater than INT_MAX?
> POSIX seems to say that such a format should work, but I'll bet
> nobody does it right (glibc doesn't).
Actually, the next version of POSIX will require EOVERFLOW if printf is
directed to print more than INT_MAX bytes:
http://austingroupbugs.net/view.php?id=316
> For safety we might want
> to be truncating large widths or precisions to INT_MAX, or
> rejecting them.
There's also the matter that %*d can only go up to INT_MAX bytes; it
would make sense to reject larger widths if we cannot safely rewrite a
user's %nnnd,value into %*d,nnn,value.
--
Eric Blake address@hidden +1-801-349-2682
Libvirt virtualization library http://libvirt.org
signature.asc
Description: OpenPGP digital signature
- bug#7357: csplit: memory exhausted when using stdout / pipe instead of a file, (continued)
- bug#7357: csplit: memory exhausted when using stdout / pipe instead of a file, Pádraig Brady, 2010/11/10
- bug#7357: csplit: memory exhausted when using stdout / pipe instead of a file, Jim Meyering, 2010/11/10
- bug#7357: csplit: memory exhausted when using stdout / pipe instead of a file, Pádraig Brady, 2010/11/10
- bug#7357: csplit: memory exhausted when using stdout / pipe instead of a file, Jim Meyering, 2010/11/10
- bug#7357: csplit: memory exhausted when using stdout / pipe instead of a file, Pádraig Brady, 2010/11/10
- bug#7357: csplit: memory exhausted when using stdout / pipe instead of a file, Jim Meyering, 2010/11/10
- bug#7357: csplit: memory exhausted when using stdout / pipe instead of a file, Pádraig Brady, 2010/11/10
- bug#7357: csplit: memory exhausted when using stdout / pipe instead of a file, Bob Proulx, 2010/11/10
- bug#7357: csplit: memory exhausted when using stdout / pipe instead of a file, Jim Meyering, 2010/11/11
- bug#7357: csplit: memory exhausted when using stdout / pipe instead of a file, Paul Eggert, 2010/11/10
- bug#7357: csplit: memory exhausted when using stdout / pipe instead of a file,
Eric Blake <=
- bug#7357: csplit: memory exhausted when using stdout / pipe instead of a file, Paul Eggert, 2010/11/10
- bug#7357: csplit: memory exhausted when using stdout / pipe instead of a file, Jim Meyering, 2010/11/11
- bug#7357: csplit: memory exhausted when using stdout / pipe instead of a file, Voelker, Bernhard, 2010/11/11
- bug#7357: csplit: memory exhausted when using stdout / pipe instead of a file, Jim Meyering, 2010/11/11
- bug#7357: csplit: memory exhausted when using stdout / pipe instead of a file, Jim Meyering, 2010/11/10
- bug#7357: csplit: memory exhausted when using stdout / pipe instead of a file, Jim Meyering, 2010/11/10