HomeAbout Us A-Z IndexSearch * Contact Us Register LoginPress Shop

The Open Brand -- Problem Reporting and Interpretations System

Problem Report 2735 Details

Help Show help | Quick Search | Submit a Test Suite Support Request | Click here to view your privileges

This page provides all information on Problem Report 2735.

Report 2735 Actions

    Problem Report Number 2735
    Submitter's Classification Test Suite problem
    State Resolved
    Resolution Test Suite Deficiency (TSD)
    Problem Resolution ID TSD.X.1428
    Raised 2021-08-20 00:09
    Updated 2021-09-14 18:13
    Published 2021-09-14 18:13
    Product Standard C Language V2 (UNIX 03)
    Certification Program The Open Brand certification program
    Test Suite Perennial version 12.6
    Test Identification C99/Clause7/19_6_5/P72950.c, Block 00
    Specification ISO/IEC 9899:1999
    Location in Spec §7.19.6.5
    Problem Summary In test case P72950.c the second parameter in the call to snprintf() is invalid.
    Problem Text The test case in question requires the compilation and execution of the following program (relevant
    fragment shown):
    #include "tsthd.h"
    #include <stddef.h>
    #include <string.h>
    void verify(char *, char *);
    extern int locflg;
    char s[30];
    /*--------------------------------------------------------------------*/
    char prgnam[] = "P72950.c";

    int main(void)
    {
    double arg;
    int ret;
    size_t n = 79;
    setup();
    post("ISO/IEC 9899:1999, 7.19.6.5 The snprintf function\n");
    /*--------------------------------------------------------------------*/
    blenter(); /* block 00 */
    arg = 0x1.a001p+03;
    if ((ret = snprintf(s,n,"%.4A",arg)) <= 0) {
    locflg = FAILED;
    post("snprintf() %d with %%.4A returned %d.\n","%.4A",ret); }
    else verify("%.4A","A");
    blexit();
    ...

    The Open Group standard states
    (https://pubs.opengroup.org/onlinepubs/009695399/functions/snprintf.html) that "The snprintf()
    function shall be equivalent to sprintf(), with the addition of the n argument which states the size
    of the buffer referred to by s." In this invocation, the n argument (value 79) is substantially larger
    than the size of the provided buffer (value 30). I should note that the referenced C standard simply
    states "The snprintf function is equivalent to fprintf, except that the output is written into an array
    (specified by argument s) rather than to a stream."

    Our implementation catches this at run time. Note that if we compile the code with the C compiler
    argument "-D_FORTIFY_SOURCE=0" then the runtime check is disabled and the test passes.
    However, that option is unsafe and we do not use it.
    Test Output ===P72950.c
    ISO/IEC 9899:1999, 7.19.6.5 The snprintf function
    Enter Block #0

    Review Information

    Review Type TSMA Review
    Start Date 2021-08-20 00:09
    Last Updated 2021-09-14 18:12
    Completed 2021-09-14 18:12
    Status Complete
    Review Recommendation Test Suite Deficiency (TSD)
    Review Response A test suite deficiency is recommended.

    Review Type SA Review
    Start Date 2021-09-15 02:12
    Last Updated 2021-09-14 18:13
    Completed 2021-09-14 18:13
    Status Complete
    Review Resolution Test Suite Deficiency (TSD)
    Review Conclusion A test suite deficiency is granted.

    Problem Reporting System Options:

     

    Back   

Contact the Certification Authority