matze999

Reputation: 461

core dump when calling vsnprintf

I am on Ubuntu 12.04, with uname -a: Linux lu057801 3.2.0-31-generic #50-Ubuntu SMP Fri Sep 7 16:16:45 UTC 2012 x86_64 x86_64 x86_64 GNU/Linux

g++ --version: Linux lu057801 3.2.0-31-generic #50-Ubuntu SMP Fri Sep 7 16:16:45 UTC 2012 x86_64 x86_64 x86_64 GNU/Linux

I get a core dump in a call to vsnprintf. The following is the entire code that produces the issue:

// compile: g++ -g -o test vsnprintf_test.c

#include <stdarg.h>
#include <stdio.h>
#include <string>

void vout(char *string, char *fmt, ...);
char fmt1 [] = "%s  %s  %s\n";

size_t snprintf_1(char* buffer, const size_t bufSize, const char* format, ...);
size_t vsnprintf_1(char* buffer, const size_t bufSize, const char* format, va_list args);

int main(void)
{
  char * format = "%s";
  char buffer[] = "/var/tmp\0"; //char * buffer = "/var/tmp\0";
  int bufSize=sizeof(buffer); //int bufSize=11;
  snprintf_1(buffer, bufSize, format);
}


size_t snprintf_1(char* buffer, const size_t bufSize, const char* format, ...)
{
    va_list args;
    va_start(args, format);
    size_t rc = vsnprintf_1(buffer, bufSize, format, args);
    va_end(args);
    return rc;
}


size_t vsnprintf_1(char* buffer, const size_t bufSize, const char* format, va_list args)
{
    int rc = 0;
    rc = vsnprintf(buffer, bufSize, format, args);
    return rc; // the function is declared to return size_t, so it must return a value
}

Compiling as: g++ -g -o test vsnprintf_test.c and running will give me the following backtrace:

(gdb) run
Starting program: /home/mafunk/software/MattsSnippets/test 

Program received signal SIGSEGV, Segmentation fault.
_IO_vsnprintf (string=0x400738 "/var/tmp", maxlen=<optimized out>, format=0x400730 "%s", args=0x7fffffffe0b0) at vsnprintf.c:118
118     vsnprintf.c: No such file or directory.
(gdb) bt
#0  _IO_vsnprintf (string=0x40072f "/var/tmp", maxlen=<optimized out>, format=0x40072c "%s", args=0x7fffffffe0b0) at vsnprintf.c:118
#1  0x0000000000400639 in vsnprintf_1 (buffer=0x40072f "/var/tmp", bufSize=11, format=0x40072c "%s", args=0x7fffffffe0b0)
at vsnprintf_test.c:36
#2  0x00000000004005f2 in snprintf_1 (buffer=0x40072f "/var/tmp", bufSize=11, format=0x40072c "%s") at vsnprintf_test.c:27
#3  0x0000000000400541 in main () at vsnprintf_test.c:19

I guess I am not sure why this is happening. Any help would be greatly appreciated.

Upvotes: 1

Views: 5409

Answers (3)

Blastfurnace

Reputation: 18652

The segfault is caused because the destination you are trying to write to is a string literal.

In addition, the call snprintf_1(buffer, bufSize, format); is passed a "%s" format string but no other arguments. The format string expects an additional char * parameter and the code will read random memory on the call stack for the string pointer you didn't provide.

Upvotes: 3
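As an added example (not code from the question or from any of the answers), here is a corrected form of the asker's snprintf_1 / vsnprintf_1 wrappers: the destination is a writable array, the "%s" conversion gets the argument it expects, the inner wrapper returns vsnprintf's result, and the caller uses that result to detect truncation. The format_path helper is an assumption of this example, added to show the check.

```c
// Added example: corrected wrappers with a truncation check.
// snprintf_1 / vsnprintf_1 keep the asker's names; format_path is hypothetical.
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Forward the variadic arguments to vsnprintf and hand back its result.
 * vsnprintf returns the length the complete output would have had, so a
 * result >= bufSize means the output was cut short (the buffer is still
 * NUL-terminated as long as bufSize > 0). */
int vsnprintf_1(char *buffer, size_t bufSize, const char *format, va_list args)
{
    return vsnprintf(buffer, bufSize, format, args);
}

int snprintf_1(char *buffer, size_t bufSize, const char *format, ...)
{
    va_list args;
    va_start(args, format);
    int rc = vsnprintf_1(buffer, bufSize, format, args);
    va_end(args);
    return rc;
}

/* Build "dir/name" into buffer. Every "%s" has a matching char * argument.
 * Returns 1 if the whole path fit, 0 if it was truncated or formatting failed. */
int format_path(char *buffer, size_t bufSize, const char *dir, const char *name)
{
    int needed = snprintf_1(buffer, bufSize, "%s/%s", dir, name);
    return needed >= 0 && (size_t)needed < bufSize;
}

int main(void)
{
    char buffer[32]; /* a writable array, not a string literal */
    if (format_path(buffer, sizeof buffer, "/var/tmp", "example.sock"))
        printf("ok: %s\n", buffer);
    else
        printf("truncated: %s\n", buffer);
    return 0;
}
```

Compiling the original question's code with -Wall (which enables -Wformat) already warns that the "%s" format expects a matching char * argument, which is the cheapest way to catch this class of bug before it reaches a core dump.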

john

Reputation: 8027

You are modifying a string literal, this is undefined behaviour. Change to this and it might work (although your buffer still looks too small to me).

char buffer[] = "/var/tmp\0";

In this code buffer is an array, not a pointer to a string literal.

Upvotes: 3

Lars

Reputation: 977

Your buffer is too small.

char * buffer = "/var/tmp/.SHM_SAP_IPMM_0008_no-sid\0";  // 37 char

int bufSize = 35;

Upvotes: 1
