From 812da4190f8ac2f548f3bea09b85164b78d33347 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 4 May 2014 23:37:24 +0200 Subject: [PATCH] mprintf: allow %.s with data not being zero terminated MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit If the precision is indeed shorter than the string, don't strlen() to find the end because that's not how the precision operator works. I also added a unit test for curl_msnprintf to make sure this works and that the fix doesn't a few other basic use cases. I found a POSIX compliance problem that I marked TODO in the unit test, and I figure we need to add more tests in the future. Reported-by: Török Edwin --- lib/mprintf.c | 8 ++-- tests/data/test1398 | 26 ++++++++++++ tests/unit/Makefile.inc | 6 ++- tests/unit/unit1398.c | 91 +++++++++++++++++++++++++++++++++++++++++ 4 files changed, 126 insertions(+), 5 deletions(-) create mode 100644 tests/data/test1398 create mode 100644 tests/unit/unit1398.c diff --git a/lib/mprintf.c b/lib/mprintf.c index cc6042a3c..23070a764 100644 --- a/lib/mprintf.c +++ b/lib/mprintf.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1999 - 2013, Daniel Stenberg, , et al. + * Copyright (C) 1999 - 2014, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -804,11 +804,11 @@ static int dprintf_formatf( len = 0; } } + else if(prec != -1) + len = (size_t)prec; else len = strlen(str); - if(prec != -1 && (size_t) prec < len) - len = (size_t)prec; width -= (long)len; if(p->flags & FLAGS_ALT) @@ -818,7 +818,7 @@ static int dprintf_formatf( while(width-- > 0) OUTCHAR(' '); - while(len-- > 0) + while((len-- > 0) && *str) OUTCHAR(*str++); if(p->flags&FLAGS_LEFT) while(width-- > 0) diff --git a/tests/data/test1398 b/tests/data/test1398 new file mode 100644 index 000000000..dd50baa62 --- /dev/null +++ b/tests/data/test1398 @@ -0,0 +1,26 @@ + + + +unittest +curl_msnprintf + + + +# +# Client-side + + +none + + +unittest + + +curl_msnprintf unit tests + + +unit1398 + + + + diff --git a/tests/unit/Makefile.inc b/tests/unit/Makefile.inc index 75bf45abb..526ec1fbd 100644 --- a/tests/unit/Makefile.inc +++ b/tests/unit/Makefile.inc @@ -6,7 +6,7 @@ UNITFILES = curlcheck.h \ # These are all unit test programs UNITPROGS = unit1300 unit1301 unit1302 unit1303 unit1304 unit1305 unit1307 \ - unit1308 unit1309 unit1330 unit1394 unit1395 unit1396 unit1397 + unit1308 unit1309 unit1330 unit1394 unit1395 unit1396 unit1397 unit1398 unit1300_SOURCES = unit1300.c $(UNITFILES) unit1300_CPPFLAGS = $(AM_CPPFLAGS) @@ -52,3 +52,7 @@ unit1396_CPPFLAGS = $(AM_CPPFLAGS) unit1397_SOURCES = unit1397.c $(UNITFILES) unit1397_CPPFLAGS = $(AM_CPPFLAGS) + +unit1398_SOURCES = unit1398.c $(UNITFILES) +unit1398_CPPFLAGS = $(AM_CPPFLAGS) + diff --git a/tests/unit/unit1398.c b/tests/unit/unit1398.c new file mode 100644 index 000000000..e579a62e1 --- /dev/null +++ b/tests/unit/unit1398.c @@ -0,0 +1,91 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) 1998 - 2014, Daniel Stenberg, , et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at http://curl.haxx.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + ***************************************************************************/ +#include "curlcheck.h" + +#include "curl/mprintf.h" + +static CURLcode unit_setup( void ) {return CURLE_OK;} +static void unit_stop( void ) {} + +UNITTEST_START + +int rc; +char buf[3] = {'b', 'u', 'g'}; +const char *str="bug"; +int width = 3; +char output[24]; + +/*#define curl_msnprintf snprintf */ + +/* without a trailing zero */ +rc = curl_msnprintf(output, 4, "%.*s", width, buf); +fail_unless( rc == 3 , "return code should be 3" ); +fail_unless(!strcmp(output, "bug"), "wrong output"); + +/* with a trailing zero */ +rc = curl_msnprintf(output, 4, "%.*s", width, str); +fail_unless( rc == 3 , "return code should be 3" ); +fail_unless(!strcmp(output, "bug"), "wrong output"); + +width = 2; +/* one byte less */ +rc = curl_msnprintf(output, 4, "%.*s", width, buf); +fail_unless( rc == 2 , "return code should be 2" ); +fail_unless(!strcmp(output, "bu"), "wrong output"); + +/* string with larger precision */ +rc = curl_msnprintf(output, 8, "%.8s", str); +fail_unless( rc == 3 , "return code should be 3" ); +fail_unless(!strcmp(output, "bug"), "wrong output"); + +/* longer string with precision */ +rc = curl_msnprintf(output, 8, "%.3s", "0123456789"); +fail_unless( rc == 3 , "return code should be 3" ); +fail_unless(!strcmp(output, "012"), "wrong output"); + +/* negative width */ +rc = curl_msnprintf(output, 8, "%-8s", str); +fail_unless( rc == 8 , "return code should be 8" ); +fail_unless(!strcmp(output, "bug "), "wrong output"); + +/* larger width that string length */ +rc = curl_msnprintf(output, 8, "%8s", str); +fail_unless( rc == 8 , "return code should be 8" ); +fail_unless(!strcmp(output, " bu"), "wrong output"); + +/* output a number in a limited output */ +rc = curl_msnprintf(output, 4, "%d", 10240); +/* TODO: this should return 5 to be POSIX/snprintf compliant! */ +fail_unless( rc == 4 , "return code should be 4" ); +fail_unless(!strcmp(output, "102"), "wrong output"); + +/* padded strings */ +rc = curl_msnprintf(output, 16, "%8s%8s", str, str); +fail_unless( rc == 16 , "return code should be 16" ); +fail_unless(!strcmp(output, " bug bu"), "wrong output"); + +/* padded numbers */ +rc = curl_msnprintf(output, 16, "%8d%8d", 1234, 5678); +fail_unless( rc == 16 , "return code should be 16" ); +fail_unless(!strcmp(output, " 1234 567"), "wrong output"); + +UNITTEST_STOP