NetBSD Problem Report #44097

From yamt@NetBSD.org  Tue Nov 16 04:59:10 2010
Return-Path: <yamt@NetBSD.org>
Received: by www.NetBSD.org (Postfix, from userid 1270)
	id 4894863BC98; Tue, 16 Nov 2010 04:59:10 +0000 (UTC)
Message-Id: <20101116045910.4894863BC98@www.NetBSD.org>
Date: Tue, 16 Nov 2010 04:59:10 +0000 (UTC)
From: yamt@NetBSD.org
Reply-To: yamt@NetBSD.org
To: gnats-bugs@NetBSD.org
Subject: humanize_number bugs
X-Send-Pr-Version: 3.95

>Number:         44097
>Category:       lib
>Synopsis:       humanize_number bugs
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    lib-bug-people
>State:          closed
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Nov 16 05:00:00 +0000 2010
>Closed-Date:    Mon Mar 19 23:28:14 +0000 2012
>Last-Modified:  Mon Mar 19 23:28:14 +0000 2012
>Originator:     YAMAMOTO Takashi
>Release:        NetBSD-current
>Organization:

>Environment:
>Description:
	the following program yields unexpected outputs except for
	the first one.

	eg.
		% ./a.out
		5 '10000'
		1 '0'
		13 '0%d%s%d%s%s%s'
		failed
		% 

	besides that, the code and the man page seem assuming
	strlen(localeconv()->decimal_point) == 1.
	i wonder if it's correct for multibyte locales.

>How-To-Repeat:
>Fix:

#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

int
main()
{
	char buf[1000];
	int ret;

	/*
	 * this seems to work
	 */
	ret = humanize_number(buf, 10, 10000, "", HN_AUTOSCALE, HN_NOSPACE);
	if (ret == -1) {
		printf("failed\n");
	} else {
		printf("%d '%s'\n", ret, buf);
	}

	/*
	 * large number
	 */
	ret = humanize_number(buf, 10, INT64_MAX, "", HN_AUTOSCALE, HN_NOSPACE);
	if (ret == -1) {
		printf("failed\n");
	} else {
		printf("%d '%s'\n", ret, buf);
	}

	/*
	 * large buffer with HN_AUTOSCALE
	 */
	ret = humanize_number(buf, sizeof(buf), 10000, "", HN_AUTOSCALE,
	    HN_NOSPACE);
	if (ret == -1) {
		printf("failed\n");
	} else {
		printf("%d '%s'\n", ret, buf);
	}

	/*
	 * tight buffer
	 * the man page says that len must be at least 4, but...
	 */
	ret = humanize_number(buf, 1, 1, "", HN_AUTOSCALE, HN_NOSPACE);
	if (ret == -1) {
		printf("failed\n");
	} else {
		printf("%d '%s'\n", ret, buf);
	}

	exit(0);
}

>Release-Note:

>Audit-Trail:
From: "Jukka Ruohonen" <jruoho@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/44097 CVS commit: src/tests/lib/libc/gen
Date: Wed, 6 Apr 2011 10:04:53 +0000

 Module Name:	src
 Committed By:	jruoho
 Date:		Wed Apr  6 10:04:53 UTC 2011

 Modified Files:
 	src/tests/lib/libc/gen: t_humanize_number.c

 Log Message:
 Formally verify the numerous bugs in humanize_number(3).
 From PR lib/44097, by yamt@.


 To generate a diff of this commit:
 cvs rdiff -u -r1.1 -r1.2 src/tests/lib/libc/gen/t_humanize_number.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

From: "Christos Zoulas" <christos@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/44097 CVS commit: src/lib/libc/gen
Date: Sat, 17 Mar 2012 16:01:15 -0400

 Module Name:	src
 Committed By:	christos
 Date:		Sat Mar 17 20:01:15 UTC 2012

 Modified Files:
 	src/lib/libc/gen: humanize_number.c

 Log Message:
 PR/44097: Yamamoto Takashi: Prevent overflow.


 To generate a diff of this commit:
 cvs rdiff -u -r1.15 -r1.16 src/lib/libc/gen/humanize_number.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

State-Changed-From-To: open->closed
State-Changed-By: jruoho@NetBSD.org
State-Changed-When: Sun, 18 Mar 2012 07:16:20 +0000
State-Changed-Why:
Fixed.


State-Changed-From-To: closed->pending-pullups
State-Changed-By: dholland@NetBSD.org
State-Changed-When: Sun, 18 Mar 2012 16:05:47 +0000
State-Changed-Why:
pullup-6 #129


From: "Jeff Rizzo" <riz@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/44097 CVS commit: [netbsd-6] src/lib/libc/gen
Date: Mon, 19 Mar 2012 23:24:58 +0000

 Module Name:	src
 Committed By:	riz
 Date:		Mon Mar 19 23:24:58 UTC 2012

 Modified Files:
 	src/lib/libc/gen [netbsd-6]: humanize_number.c

 Log Message:
 Pull up following revision(s) (requested by dholland in ticket #129):
 	lib/libc/gen/humanize_number.c: revision 1.16
 PR/44097: Yamamoto Takashi: Prevent overflow.


 To generate a diff of this commit:
 cvs rdiff -u -r1.14 -r1.14.24.1 src/lib/libc/gen/humanize_number.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

State-Changed-From-To: pending-pullups->closed
State-Changed-By: dholland@NetBSD.org
State-Changed-When: Mon, 19 Mar 2012 23:28:14 +0000
State-Changed-Why:
Pulled up.


>Unformatted:

NetBSD Home
NetBSD PR Database Search

(Contact us) $NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.