View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
00001741003.1(2008)/Issue 7System Interfacespublic2009-10-29 18:212013-04-16 13:06
Reporterdrepper Assigned Toajosey  
PrioritynormalSeverityObjectionTypeEnhancement Request
Status ClosedResolutionAccepted As Marked 
NameUlrich Drepper
OrganizationRed Hat, Inc.
User Referenceud-puts-overflow
Sectionputs()
Page Number1723
Line Number55058
Interp Status---
Final Accepted Text0000174:0000298
Summary0000174: puts for strings longer than INT_MAX
DescriptionStrings do not have a length limit and on systems with, say, 64-bit address space and int being 32-bit, the result of calls to puts with strings as parameter of length > INT_MAX is unspecified. We cannot return the number of written bytes because all successful calls must return a non-negative value.

The same applies to fputs.
Desired ActionThere are two ways out:

- forbid such calls outright. In this case:

  1. copy the ERRORS section for fputc to puts() and fputs().
  2. add new error case

      [EOVERFLOW] The string /s/ is too long.

- truncate the write at INT_MAX characters and have the app handle this.
Tagsc99, tc1-2008

Relationships

related to 0000412 Closedajosey 2008-TC1 application note suggests impossible return value for input strings of length MAX_INT characters 

Activities

nick

2009-10-29 18:32

manager   bugnote:0000271

Discussed with some members of the C meeting after we adjourned ... general feeling is that this is undefined, and the EOVERFLOW error is an appropriate POSIX CX extension.

cmsmith

2009-10-29 21:09

reporter   bugnote:0000272

The return value for fputs() and puts() is "a non-negative number" upon success. The description does not indicate that the value needs to be related to the number of characters written.

drepper

2009-10-29 22:58

reporter   bugnote:0000273

Agreed, the value need not be the number of written bytes. But it'll break existing code to change that. Of course we can just return INT_MAX for all strings > INT_MAX. I guess this makes this a non-issue here.

geoffclare

2009-10-30 09:51

manager   bugnote:0000274

I agree no change to the normative text is needed, but I think we
should add some rationale or app usage about this issue. Perhaps
something like:

    "Traditionally puts() returned the number of bytes written.
    However, this convention cannot be adhered to for strings
    longer than INT_MAX bytes as the value would not be
    representable in the return type of the function. For
    backwards compatibility, implementations can return the
    number of bytes for strings of up to INT_MAX bytes, and
    return INT_MAX for all longer strings."

msbrown

2009-11-12 16:38

manager   bugnote:0000298

Add the following to the Application Usage section of puts(), p1723 after line 55077:

 "In some implementations puts() returned the number of bytes written.
    However, this convention cannot be adhered to for strings
    longer than INT_MAX bytes as the value would not be
    representable in the return type of the function. For
    backwards compatibility, implementations can return the
    number of bytes for strings of up to INT_MAX bytes, and
    return INT_MAX for all longer strings."

Also the same on page 908 after line 30373, with puts() changed to fputs().

Issue History

Date Modified Username Field Change
2009-10-29 18:21 drepper New Issue
2009-10-29 18:21 drepper Status New => Under Review
2009-10-29 18:21 drepper Assigned To => ajosey
2009-10-29 18:21 drepper Name => Ulrich Drepper
2009-10-29 18:21 drepper Organization => Red Hat, Inc.
2009-10-29 18:21 drepper User Reference => ud-puts-overflow
2009-10-29 18:21 drepper Section => puts()
2009-10-29 18:21 drepper Page Number => 1723
2009-10-29 18:21 drepper Line Number => 55058
2009-10-29 18:30 nick Tag Attached: c99
2009-10-29 18:32 nick Note Added: 0000271
2009-10-29 21:09 cmsmith Note Added: 0000272
2009-10-29 22:58 drepper Note Added: 0000273
2009-10-30 09:51 geoffclare Note Added: 0000274
2009-11-12 16:38 msbrown Interp Status => ---
2009-11-12 16:38 msbrown Note Added: 0000298
2009-11-12 16:38 msbrown Status Under Review => Resolved
2009-11-12 16:38 msbrown Resolution Open => Accepted As Marked
2009-11-12 16:39 msbrown Final Accepted Text => 0000174:0000298
2010-08-27 13:05 ajosey Tag Attached: tc1-2008
2011-04-21 16:37 eblake Relationship added related to 0000412
2013-04-16 13:06 ajosey Status Resolved => Closed