Buffer overrun - exit or abort?

Martin Eisenberg

Hi,

If I want to terminate a program upon finding that sprintf has
overrun its output buffer, should I prefer exit or abort from
cstdlib? Thanks.


Martin
 
Victor Bazarov

Martin said:
If I want to terminate a program upon finding that sprintf has
overrun its output buffer, should I prefer exit or abort from
cstdlib? Thanks.

This is a C question, is it not?

V
 
Martin Eisenberg

Victor said:
This is a C question, is it not?

No. I'm not using C and I have no reason to presume that it's just
the same or that a C user would know all that may be relevant in the
C++ context. Some also like to point out in such cases that the
mentioned functions do belong to C++...

While I'm at it, I anticipate being told just to use iostream -- the
response to that is that I really want to know, I can second-guess
myself just fine, and will do so at least twice in any case.


Martin
 
Victor Bazarov

Martin said:
No. I'm not using C and I have no reason to presume that it's just
the same or that a C user would know all that may be relevant in the
C++ context. Some also like to point out in such cases that the
mentioned functions do belong to C++...

While I'm at it, I anticipate being told just to use iostream -- the
response to that is that I really want to know, I can second-guess
myself just fine, and will do so at least twice in any case.

The reason I asked was simple: 'sprintf', 'exit', and 'abort' are
all Standard C library functions, and they (C folks) probably know
more what's going to happen and what to do to rectify things. I
only know one thing: if the buffer gets overrun, the behaviour of
the program in which it happens is undefined. For all we know, if
you call 'exit', it might instead behave as if you called 'abort'
and vice versa...

V
 
Ian Collins

Martin said:
Hi,

If I want to terminate a program upon finding that sprintf has
overrun its output buffer, should I prefer exit or abort from
cstdlib? Thanks.

Depends on your platform I guess, if abort provides some form of
post-mortem debug (like a UNIX core file), use it. This is more of an
exception than an error condition; this sort of thing you'd trap with an
assert - which often calls abort.
 
Jack Klein

Martin said:
Hi,

If I want to terminate a program upon finding that sprintf has
overrun its output buffer, should I prefer exit or abort from
cstdlib? Thanks.


Martin

Once your program has written beyond memory that belongs to it, you
have entered the realm of undefined behavior. There is no guarantee
that your program will survive to detect it.

If you can't guarantee that your program will not overwrite a buffer
using sprintf(), don't use sprintf().
 
Markus Becker

Martin Eisenberg said:
If I want to terminate a program upon finding that sprintf has
overrun its output buffer, should I prefer exit or abort from
cstdlib? Thanks.

Don't use sprintf, use snprintf.

Markus
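
An added example, not part of any post in this thread: bounded formatting with `std::vsnprintf`, where the truncation check happens before anything is written out of bounds, so the decision to call `abort` is made while behaviour is still defined. It assumes a C++11 or later compiler; `checked_format`, `FormatResult`, `Guarded`, `canary_intact_after` and `format_or_abort` are hypothetical names, and the inputs are constructed.

```cpp
#include <cstdarg>
#include <cstdio>
#include <cstdlib>
#include <cstring>

enum class FormatResult { Ok, Truncated, Error };

// Bounded formatting: never writes past buf[cap - 1], always NUL-terminates.
// *needed receives the length the complete output would have had (without NUL).
FormatResult checked_format(char* buf, std::size_t cap, std::size_t* needed,
                            const char* fmt, ...) {
    if (buf == nullptr || cap == 0) return FormatResult::Error;
    va_list args;
    va_start(args, fmt);
    const int n = std::vsnprintf(buf, cap, fmt, args);
    va_end(args);
    if (n < 0) { buf[0] = '\0'; return FormatResult::Error; }
    if (needed != nullptr) *needed = static_cast<std::size_t>(n);
    return static_cast<std::size_t>(n) >= cap ? FormatResult::Truncated
                                              : FormatResult::Ok;
}

// Constructed layout: guard bytes placed directly behind an 8-byte buffer.
struct Guarded { char text[8]; unsigned char canary[4]; };

bool canary_intact_after(const char* input) {
    Guarded g;
    std::memset(g.canary, 0xA5, sizeof g.canary);
    checked_format(g.text, sizeof g.text, nullptr, "%s", input);
    for (unsigned char c : g.canary) if (c != 0xA5) return false;
    return true;
}

// Terminates before any out-of-bounds write has happened, so the check itself
// and the call to abort still run with defined behaviour.
void format_or_abort(char* buf, std::size_t cap, const char* name) {
    std::size_t needed = 0;
    if (checked_format(buf, cap, &needed, "user=%s", name) != FormatResult::Ok) {
        std::fprintf(stderr, "need %zu bytes, have %zu\n", needed + 1, cap);
        std::abort();  // runs no atexit handlers or static destructors (exit runs both)
    }
}

int main() {
    char buf[16];
    format_or_abort(buf, sizeof buf, "martin");  // constructed input, fits
    std::puts(buf);
    format_or_abort(buf, sizeof buf, "a-much-longer-name");  // aborts here
}
```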
 
Earl Purple

Martin said:
Is vsnprintf also standard? GCC has it but I don't see either in the
'97 standard draft.

Why use a printf variant at all? Use streams, or boost::format if you
really want printf-style.

Better not to use variable argument lists too.
 
