Please sign in to comment.
csplit: do not rely on undefined behavior in printf formats
* doc/coreutils.texi (csplit invocation): Say that %d and %i are aliases for %u. * src/csplit.c (FLAG_THOUSANDS, FLAG_ALTERNATIVE): New constants. (get_format_flags): Now take char const * and int * and return size_t. It now stores info about the flags instead of merely scanning them. Also, it handles '0' correctly. Drop support for the undocumented '+' and ' ' flags since the value is unsigned. Add support for the (undocumented) "'" flag. All uses changed. (get_format_width, get_format_prec): Remove. (check_format_conv_type): Renamed from get_format_conv_type, with a different signature. It now converts the format to one that is compatible with unsigned int, and checks flags. All uses changed. (max_out): Have snprintf compute the number of bytes needed rather than attempting to do it ourselves (which doesn't work portably with outlandish formats such as %4294967296d). (check_format_conv_type, main): Check for overflow in size calculations. Don't assume size_t fits in unsigned int. * tests/misc/csplit: Check for proper handling of flags, with %0#6.3x. Coreutils 8.6 mishandles this somewhat-weird example.
- Loading branch information...
Showing with 81 additions and 78 deletions.