Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cups/string.c: Add _cups_snprintf() #867

Closed
wants to merge 4 commits into from
Closed

cups/string.c: Add _cups_snprintf() #867

wants to merge 4 commits into from

Conversation

zdohnal
Copy link
Member

@zdohnal zdohnal commented Jan 16, 2024

Add the function which will remove the truncated UTF-8 multibyte characters.

@zdohnal
cups/string.c: Add _cups_snprintf()
258dd00 
Add the function which will remove the truncated UTF-8 multibyte
characters.
@zdohnal zdohnal requested a review from michaelrsweet January 16, 2024 15:49
michaelrsweet
michaelrsweet requested changes Jan 16, 2024
View reviewed changes
Copy link
Member

@michaelrsweet michaelrsweet left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I was actually thinking of adding a public API - cupsFormatString - and also want to do some other filtering of invalid/unsafe chars like we do for logging.

@zdohnal
cups/string.c: _cups_snprintf() -> cupsFormatString()
acb3244 
Make the previous function public, use `_cups_safe_vsnprintf()` and fix
`_cups_safe_vsnprintf()` to use the almost whole buffer size (except for
the last index, which is for null terminator)
@zdohnal
Copy link
Member Author

zdohnal commented Jan 17, 2024

@michaelrsweet ok, I made the function public + used _cups_safe_vsnprintf(), which does the job for logging - however it seems there was a bug in the function, which returned shorter string than the maximum possible, and returned higher number of written bytes than it actually wrote.

@zdohnal zdohnal requested a review from michaelrsweet January 17, 2024 12:44
@michaelrsweet
Copy link
Member

@michaelrsweet ok, I made the function public + used _cups_safe_vsnprintf(), which does the job for logging - however it seems there was a bug in the function, which returned shorter string than the maximum possible, and returned higher number of written bytes than it actually wrote.

Actually, that is the correct behavior. (v)snprintf return the number of bytes that would have been written, not the number of bytes written.

michaelrsweet
michaelrsweet requested changes Jan 17, 2024
View reviewed changes
Copy link
Member

@michaelrsweet michaelrsweet left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See comments...

cups/debug.c Outdated
@@ -570,7 +570,7 @@ _cups_safe_vsnprintf(
* C character escapes...
*/

for (bufend --; *s && bufptr < bufend; s ++)
for (; *s && bufptr < bufend; s ++)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is needed to avoid buffer overflow.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The decrement is there to prevent buffer overflow if we add an escaping character, right?

Shouldn't we check it in the specific 'ifs'? Otherwise this way we will lose one more character from string to additional null?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@michaelrsweet I've updated checks in other ifs to prevent buffer overflows, but use up all possible space for string. Did I understand it correctly that bufend decrement was to protect from overflow in characters which we need to escape?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, yes but I ended up doing things a little differently and pushed the results to CUPS 2.5 and libcups v3.

cups/debug.c Outdated Show resolved Hide resolved
cups/string.c Outdated Show resolved Hide resolved
@zdohnal
cups/string.c: Read longer paragraphs in man pages...
5f20bbe
@zdohnal
cups/debug.c: Move most cupsFormatString() logic to debug.c
103cc66 
UTF-8 processing moved to `_cups_safe_vsnprintf()`, updated incrementing
of return value and code style fixes
@zdohnal zdohnal requested a review from michaelrsweet January 18, 2024 14:40
@michaelrsweet
Copy link
Member

Fixes are in master.

@zdohnal
Copy link
Member Author

zdohnal commented Jan 25, 2024

No problem, I hope I helped in some way in the end.

@michaelrsweet
Copy link
Member

@zdohnal For sure, aside from fixing the bug in this function, it also lead to related fixes in the cupsCopy/ConcatString. And we also promoted the old _cups_safe_snprintf function to API.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@michaelrsweet michaelrsweet Awaiting requested review from michaelrsweet

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@zdohnal @michaelrsweet