[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
vsnprintf - segement fault
From: |
Kalle Skott |
Subject: |
vsnprintf - segement fault |
Date: |
Thu, 27 Apr 2006 14:41:13 +0200 |
This small code snippet will cause a segment fault in:
RH8
glibc-2.3.2-4.80.8
RH9
glibc-2.3.2-27.9.7
RH ES4
glibc-2.3.4-2.9
#include <stdio.h>
#include <stdarg.h>
#include <string.h>
int Dump(char *fmt, ...)
{
int leng;
va_list arglist;
char buffer[8192];
va_start(arglist, fmt);
vsnprintf(buffer, sizeof(buffer), fmt, arglist);
leng = strlen(buffer);
printf("%s\n", buffer);
return (leng);
}
int main(int argc, char **argv)
{
// No extra arguments supplied but string contains a '%n' character sequence
Dump("Will cause segment fault -- %n");
return 0;
}
Is this a known problem? I've googled and found a lot of reports concerning
vsnprintf but most of them have tampered with the va_list variable.
In this case there are no extra arguments supplied to the Dump(char
*fmt,...) function but the sequence '%n' will cause a segment fault while
other sequences like '%k', '%w' etc will not generate segment fault.
Looking forward for a reply, regards,
Kalle Skott
address@hidden
- vsnprintf - segement fault,
Kalle Skott <=