[ https://issues.apache.org/jira/browse/STDCXX-524?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12520707 ]
Martin Sebor commented on STDCXX-524: ------------------------------------- Ouch! The test driver defines the rw_tmpnam() function that's supposed to be used for creating temporary file names. Looking at make_LC_TIME(), I don't think rw_tmpnam() is quite robust enough to handle the use case there. I see two other alternatives to dealing with the bug besides the one you suggest: 1. Forget about creating the files under the locale root directory and use rw_tmpnam() to obtain the names of the two temporary files the function uses. Change the function to delete the files when it's done generating the locale. 2. Replace rw_tmpnam() with rw_tempnam(), the equivalent of the POSIX tempnam() function, and change make_LC_TIME() and all other clients of rw_tmpnam() to call rw_tempnam() instead. See the POSIX man page for tempnam() here: http://www.opengroup.org/onlinepubs/009695399/functions/tempnam.html > buffer overflow in test 22.locale.time.get.cpp(make_LC_TIME) > ------------------------------------------------------------ > > Key: STDCXX-524 > URL: https://issues.apache.org/jira/browse/STDCXX-524 > Project: C++ Standard Library > Issue Type: Bug > Components: Tests > Reporter: Travis Vitek > Priority: Trivial > > This test uses L_tmpnam to determine the length of a buffer used to store a > filename string. Unfortunately, L_tmpnam is intended for use with tmpnam(), > but the buffer is written to with std::sprintf(). When I run the test, the > allocated buffer is 46 bytes, and the sprintf() call writes 58 bytes [this > will vary based on user name and other variables]. Perhaps the buffer should > be made larger, or some other method should be used to fill the buffer. > Perhaps this would work. > #if !defined (_WIN32) && !defined (_WIN64) > # define _PATH_MAX PATH_MAX > #else > # define _PATH_MAX _MAX_PATH > #endif > char srcfname [_PATH_MAX]; // [L_tmpnam + 32]; > std::sprintf (srcfname, "%s" SLASH "LC_TIME.src", locale_root); -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.