Bug 90987 - sprintf() is limited to 2^26 bytes.
Status: CLOSED RAWHIDE
Product: Red Hat Linux
Classification: Retired
Component: glibc
Version: 9
Hardware: i386 Linux
Priority: medium
Severity: medium
Assigned To: Jakub Jelinek
Brian Brock
Reported: 2003-05-16 01:12 EDT by Féliciano Matias
Modified: 2016-11-24 10:04 EST
Fixed In Version: 2.3.2-43
Doc Type: Bug Fix
Last Closed: 2003-07-31 04:03:05 EDT
Description Féliciano Matias 2003-05-16 01:12:47 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 Galeon/1.2.7 (X11; Linux i686; U;) Gecko/20030131

Description of problem:
sprintf() doesn't handle strings bigger than 2^26 bytes.

Version-Release number of selected component (if applicable):
glibc-2.3.2-27.9

How reproducible:
Always

Steps to Reproduce:
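Use this source:
test.c
===================================
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define SIZE (1024*70000)
int main(void) {
    char * s = malloc(SIZE) ;    /* source: SIZE-1 'a' bytes plus terminator */
    char * d = malloc(SIZE) ;    /* destination written by sprintf() */
    if (s == NULL || d == NULL) {
        return 1 ;               /* not enough memory to run the test */
    }
    memset(s, 'a', SIZE-1) ;
    s[SIZE-1] = '\0' ;           /* terminate the source string */
    sprintf(d,"%s",s) ;
    printf("%zu\n", strlen(d)) ; /* length actually written to d */
    return 0 ;
}
===================================
compile:
$ gcc test.c
execute:
$ ./a.out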


Actual Results:  67108863 (2^26-1)

Expected Results:  71679999

Additional info:

This causes me some trouble with postgresql (look at the end of the message):
http://archives.postgresql.org/pgsql-general/2003-05/msg00516.php
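
A stricter form of the reproducer above, added here as an example (it is not part of the original report or of glibc): it checks sprintf()'s return value, the terminator position and the copied bytes against the expected length at sizes on both sides of 2^26. The function name, the result codes and the volatile format pointer are this example's own assumptions.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Result codes: names are this example's own. */
enum { FMT_OK = 0, FMT_TRUNCATED = 1, FMT_NOMEM = -1 };

/* Format `len` bytes of 'a' through sprintf("%s") and verify that the
 * return value, the position of the terminator and the copied bytes all
 * match `len`. */
int check_sprintf_len(size_t len)
{
    /* volatile: keeps the compiler from folding the call into strcpy(),
     * so the C library's sprintf() is what actually gets exercised. */
    const char *volatile fmt = "%s";
    char *src = malloc(len + 1);
    char *dst = malloc(len + 1);
    int rc = FMT_NOMEM;

    if (src != NULL && dst != NULL) {
        memset(src, 'a', len);
        src[len] = '\0';
        memset(dst, 'x', len + 1);      /* poison: a short write stays visible */
        int n = sprintf(dst, fmt, src);
        char *nul = memchr(dst, '\0', len + 1);
        size_t got = nul ? (size_t)(nul - dst) : len + 1;
        rc = (n >= 0 && (size_t)n == len && got == len &&
              memcmp(src, dst, len) == 0) ? FMT_OK : FMT_TRUNCATED;
    }
    free(src);
    free(dst);
    return rc;
}

int main(void)
{
    /* Constructed sizes: around 2^26, plus the report's 1024*70000 - 1. */
    const size_t sizes[] = { ((size_t)1 << 26) - 1, (size_t)1 << 26,
                             ((size_t)1 << 26) + 1, (size_t)1024 * 70000 - 1 };
    int bad = 0;
    for (size_t i = 0; i < sizeof sizes / sizeof sizes[0]; i++) {
        int rc = check_sprintf_len(sizes[i]);
        printf("%zu bytes: %s\n", sizes[i], rc == FMT_OK ? "ok" :
               rc == FMT_NOMEM ? "skipped (no memory)" : "TRUNCATED");
        bad |= (rc == FMT_TRUNCATED);
    }
    return bad;
}
```

The program exits non-zero if any size comes back truncated, so it can serve as a regression check after a C library update.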
Comment 1 Jakub Jelinek 2003-05-16 06:40:04 EDT
The culprit is the horribly complicated code in _IO_str_init_static.
Primary question, do we care about weirdo arches which glibc doesn't support
anyway? If not, I think
a) _IO_str_init_static_internal must take ssize_t size, not int
   (and just make _IO_str_init_static a wrapper with int size)
b) if size < 0, it should be IMHO just size = (char *)-1UL - ptr;
I will create a patch if you agree.
Comment 3 Ulrich Drepper 2003-06-09 23:22:40 EDT
The current glibc CVS code has been changed to not have this limitation anymore.
Comment 4 Féliciano Matias 2003-07-30 22:57:33 EDT
Solved in Severn. Up to 200 000 ko (don't have enough memory to do more).
Comment 5 Jakub Jelinek 2003-07-31 04:03:05 EDT
Oops, forgot to update the bug.
Comment 6 Ulrich Drepper 2003-11-04 16:46:03 EST
Should also be solved in the RHL9 errata.  Test code at

  ftp://people.redhat.com/jakub/glibc/errata/2.3.2-27.9.4/
