[GRASS-dev] cppcheck analysis of grass_6.4.0 finds a number of C
bugs
Glynn Clements
glynn at gclements.plus.com
Thu Jan 13 08:04:56 EST 2011
Hamish wrote:
> * ./display/d.barscale/main.c:171 [error] - Undefined behaviour: cmdbuf is used wrong in call to sprintf or snprintf. Quote: If copying takes place between objects that overlap as a result of a call to sprintf() or snprintf(), the results are undefined.
> * ./display/d.barscale/main.c:172 [error] - Undefined behaviour: cmdbuf is used wrong in call to sprintf or snprintf. Quote: If copying takes place between objects that overlap as a result of a call to sprintf() or snprintf(), the results are undefined.
sprintf(cmdbuf, "%s bcolor=%s", cmdbuf, opt1->answer);
sprintf(cmdbuf, "%s tcolor=%s", cmdbuf, opt2->answer);
This is a fairly common idiom in GRASS. As the tool notes, the
behaviour of using the destination buffer as an argument is undefined.
This specific case is easy enough to fix; just generate the entire
string in one go. In cases where the append is conditional, safe
alternatives include using buf+strlen(buf) as the destination and
sprintf()ing into a temporary buffer then appending that with
strcat().
--
Glynn Clements <glynn at gclements.plus.com>
More information about the grass-dev
mailing list