Bug 90987
| Summary: | sprintf() is limited to 2^26 bytes. | ||
|---|---|---|---|
| Product: | [Retired] Red Hat Linux | Reporter: | Féliciano Matias <feliciano.matias> |
| Component: | glibc | Assignee: | Jakub Jelinek <jakub> |
| Status: | CLOSED RAWHIDE | QA Contact: | Brian Brock <bbrock> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 9 | CC: | drepper, fweimer, mitr, roland |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | i386 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | 2.3.2-43 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2003-07-31 08:03:05 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
The culprit is the horribly complicated code in _IO_str_init_static. Primary question, do we care about weirdo arches which glibc doesn't support anyway? If not, I think a) _IO_str_init_static_internal must take ssize_t size, not int (and just make _IO_str_init_static a wrapper with int size) b) if size < 0, it should be IMHO just size = (char *)-1UL - ptr; I will create a patch if you agree. The current glibc CVS code has been changed to not have this liimtation anymore. Solved in serven. Up to 200 000 ko (don't have enough memory to do more). Oops, forgot to update the bug. Should also be solved in the RHL9 errata. Test code at ftp://people.redhat.com/jakub/glibc/errata/2.3.2-27.9.4/ |
From Bugzilla Helper: User-Agent: Mozilla/5.0 Galeon/1.2.7 (X11; Linux i686; U;) Gecko/20030131 Description of problem: sprintf() don't handle strings bigger than 2^26 bytes. Version-Release number of selected component (if applicable): glibc-2.3.2-27.9 How reproducible: Always Steps to Reproduce: Use this source : test.c =================================== #include <stdio.h> #include <stdlib.h> #include <string.h> #define SIZE (1024*70000) int main(void) { char * s = malloc(SIZE) ; char * d = malloc(SIZE) ; memset(s, 'a', SIZE-1) ; d[SIZE-1] = '\0' ; sprintf(d,"%s",s) ; printf("%zi\n", strlen(d)) ; return 0 ; } =================================== compile : $ gcc test.c execute : $ ./a.out Actual Results: 67108863 (2^26-1) Expected Results: 71679999 Additional info: This cause to me some trouble with postgresql (look at the end of the message) : http://archives.postgresql.org/pgsql-general/2003-05/msg00516.php