Invalid use of sprintf() in barnowl breaks with Intrepid gcc-4.3
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
barnowl (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: barnowl
We have automatically detected that the barnowl source package
contains an invalid use of the sprintf() or snprintf() functions with
overlapping input and output, by matching the unpacked source against
one of the following two regexps:
.
pcregrep -M 'sprintf\
pcregrep -M 'snprintf\
.
An example of this kind of invalid sprintf() use is
sprintf(buf, "%s plus %d", buf, k);
which is likely intended to append formatted text to a buffer;
however, it is invalid according to C99. When compiled with Intrepid
gcc-4.3 or newer, it will silently produce unexpected results at
runtime.
.
This example sprintf() call could be fixed as follows:
-sprintf(buf, "%s plus %d", buf, k);
+sprintf(buf + strlen(buf), " plus %d", k);
Similarly, an invalid snprintf() call could be fixed as follows:
-snprintf(buf, buflen, "%s plus %d", buf, k);
+snprintf(buf + strlen(buf), buflen - strlen(buf), " plus %d", k);
.
Please forward this report upstream as appropriate. For more
information, see
https:/
http://
Fixed in BarnOwl 1.0.4, and 1.0.5 is in Jaunty now.