[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: printf precision with NULL-terminated strings
From: |
Andreas Jaeger |
Subject: |
Re: printf precision with NULL-terminated strings |
Date: |
Mon, 14 Feb 2005 09:10:04 +0100 |
User-agent: |
Gnus/5.110003 (No Gnus v0.3) XEmacs/21.4.15 (linux) |
"Ben Love" <address@hidden> writes:
> Hello,
>
> It appears that using a precision to limit the number of
> characters printed from a string may read more characters
> from the string than was specified. I wondered if this was
> expected behavior. Here is a sample program:
>
> int main(int argc, char **argv)
> {
> char a* = malloc(7);
> memcpy(a, "1234567", 7);
> printf("%.*s", 6, a);
a is not nul-terminated and therefore not a proper string argument,
Andrea
> }
>
> The output is (as expected) "123456".
>
> However, when run with 'valgrind --tool=addrcheck a.out'
> I see the following error message:
>
> Invalid read of size 1
> at 0x341CCCAE: strnlen (in /lib/libc-2.3.2.so)
> by 0x341A0383: _IO_vfprintf (in /lib/libc-2.3.2.so)
> by 0x341A68D1: _IO_printf (in /lib/libc-2.3.2.so)
> by 0x8048418: main (/root/test_app/a.out)
> Address 0x3428B02F is 0 bytes after a block of size 7 alloc'd
> at 0x3414A5C1: malloc (vg_replace_malloc.c:131)
> by 0x80483DF: main (/root/test_app/a.out)
>
> At first, I thought maybe it was a word-alignment problem,
> where printf was reading 4 bytes at a time. However, when
> you replace the memcpy line with this one:
> memcpy(a, "123456\0", 7);
> (i.e., force a NULL earlier) valgrind detects no overrun.
> It appears that printf continues to read from the string
> until the NULL terminating character is found, and only
> then does it limit the output to the number of characters
> specified. According to the manpage: "If a precision is
> given, no null character need be present."
>
> Any thoughts? Is this behavior to be expected?
>
> Sincerely,
> Ben Love
>
>
> _______________________________________________
> Bug-glibc mailing list
> address@hidden
> http://lists.gnu.org/mailman/listinfo/bug-glibc
>
Andreas
--
Andreas Jaeger, address@hidden, http://www.suse.de/~aj
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GPG fingerprint = 93A3 365E CE47 B889 DF7F FED1 389A 563C C272 A126
pgpsQ3bOlLbXF.pgp
Description: PGP signature