Why you say snprintf_s is unsafe std C11 function? #35

chenlilong84 · 2018-01-03T03:47:06Z

Hi rurban,

  From configure file, '--enable-unsafe'  flag will include unsafe std C11 functions, could you tell me why these functions are unsafe? based on what? thanks!

Regards
chenlilong84

The text was updated successfully, but these errors were encountered:

rurban · 2018-01-03T09:31:38Z

See the documentation of these functions. E.g.
https://rurban.github.io/safeclib/doc/safec-3.1/d8/d3c/snprintf__s_8c.html
Instead of being printed, the content is stored in dest. More than dmax - 1 characters might be written, so this variant is unsafe! Always use sprintf_s instead.

With truncation the final \0 might get lost.

chenlilong84 · 2018-01-04T08:01:44Z

sprintf_s(char * restrict dest, rsize_t dmax, const char * restrict fmt, ...)
snprintf_s(char * restrict dest, rsize_t dmax, const char * restrict fmt, ...)
So you mean sprintf_s is more safer than snprintf_s, because sprintf_s checks argument length should less than dmax, but snprintf_s has no check for it, if argument length is greater than dmax, null-terminated will be lost, right?

rurban · 2018-01-05T14:49:01Z

exactly

rurban · 2018-03-02T14:59:27Z

I made the 4 truncating versions now safe, putting a \0 at the end when truncating. See #52

rurban closed this as completed Jan 5, 2018

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Why you say snprintf_s is unsafe std C11 function? #35

Why you say snprintf_s is unsafe std C11 function? #35

chenlilong84 commented Jan 3, 2018

rurban commented Jan 3, 2018

chenlilong84 commented Jan 4, 2018

rurban commented Jan 5, 2018

rurban commented Mar 2, 2018

Why you say snprintf_s is unsafe std C11 function? #35

Why you say snprintf_s is unsafe std C11 function? #35

Comments

chenlilong84 commented Jan 3, 2018

rurban commented Jan 3, 2018

chenlilong84 commented Jan 4, 2018

rurban commented Jan 5, 2018

rurban commented Mar 2, 2018