cvs commit: hugs98/src input.c
sof 2002/07/19 11:40:24 PDT Modified files: src input.c Log: - fix silly snprintf() usage bug in prev commit. - consoleInput(): scale back prev commit and only set NOKEYBOARD if isatty() is supported _and_ you're using readline (USE_READLINE=1). Just relying on isatty() upsets certain Win32 usages (e.g., subshells within Emacs buffers, since isatty() is TRUE for Consoles under Win32, which a subshell ain't.) Also, always print the prompt -- it is a useful output marker for apps that drive Hugs interaction via (redirected) stdout. My apologies for not thinking through the ramifications of the prev commit first. Revision Changes Path 1.45 +8 -7 hugs98/src/input.c
Sigbjorn,
Modified files: src input.c Log: - fix silly snprintf() usage bug in prev commit.
Under glibc 2.2.5, snprintf copies n bytes including the \0, so this version drops the last character of the filename. But I don't see why this contortion is necessary anyway, since we just malloc'ed an array of exactly the right size. Ross
Reducing the risk of overrun bugs being introduced
is not a bad thing.
The snprintf() you're referring to is doing the C99
standardly thing, but there are versions of snprintf()
that treat the 'size' argument as not including the
terminator (MS CRT libs is one, there's likely to be
others too), so doing the conservative thing here
makes good sense.
--sigbjorn
----- Original Message -----
From: "Ross Paterson"
Sigbjorn,
Modified files: src input.c Log: - fix silly snprintf() usage bug in prev commit.
Under glibc 2.2.5, snprintf copies n bytes including the \0, so this version drops the last character of the filename. But I don't see why this contortion is necessary anyway, since we just malloc'ed an array of exactly the right size.
Ross
On Fri, Jul 19, 2002 at 01:24:37PM -0700, Sigbjorn Finne wrote:
Reducing the risk of overrun bugs being introduced is not a bad thing.
The snprintf() you're referring to is doing the C99 standardly thing, but there are versions of snprintf() that treat the 'size' argument as not including the terminator (MS CRT libs is one, there's likely to be others too), so doing the conservative thing here makes good sense.
On my system (Linux with glibc 2.2.5), -F doesn't work with this patch. The string gets set to "preprocessor Foo.h" (final 's' not copied) and it can't find Foo.h. If you insist on doing this, you'll need to give a larger argument (and allocate an extra byte).
Fine; done.
--sigbjorn
----- Original Message -----
From: "Ross Paterson"
On Fri, Jul 19, 2002 at 01:24:37PM -0700, Sigbjorn Finne wrote:
Reducing the risk of overrun bugs being introduced is not a bad thing.
The snprintf() you're referring to is doing the C99 standardly thing, but there are versions of snprintf() that treat the 'size' argument as not including the terminator (MS CRT libs is one, there's likely to be others too), so doing the conservative thing here makes good sense.
On my system (Linux with glibc 2.2.5), -F doesn't work with this patch. The string gets set to "preprocessor Foo.h" (final 's' not copied) and it can't find Foo.h. If you insist on doing this, you'll need to give a larger argument (and allocate an extra byte).
More snprintf bad news, from the printf() family manual (glibc 2.2.5): These functions return the number of characters printed (not including the trailing `\0' used to end output to strings). snprintf and vsnprintf do not write more than size bytes (including the trailing '\0'), and return -1 if the output was truncated due to this limit. (Thus until glibc 2.0.6. Since glibc 2.1 these functions follow the C99 standard and return the number of characters (exclud ing the trailing '\0') which would have been written to the final string if enough space had been available.) which implies the test for failure should be n = snprintf(s, size, ... if (n < 0 || n >= size)
participants (3)
-
Ross Paterson -
Sigbjorn Finne -
Sigbjorn Finne