From 06cafadf4f3e9d85efd6f1b4b4e7c4387ce650cf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dan=20=C4=8Cerm=C3=A1k?= Date: Sun, 5 Nov 2017 23:31:31 +0100 Subject: [PATCH 1/2] Added assertion that call to vsnprintf succeeds --- src/image.cpp | 1 + 1 file changed, 1 insertion(+) diff --git a/src/image.cpp b/src/image.cpp index 338720fc..701cc81d 100644 --- a/src/image.cpp +++ b/src/image.cpp @@ -1004,6 +1004,7 @@ namespace Exiv2 { va_start(args, format); // args start after format rc = vsnprintf(&buffer[0], buffer.size(), format, args); va_end(args); // free the args + assert(rc >= 0); // rc < 0 => we have made an error in the format string if ( rc > 0 ) need = static_cast(rc); } while ( buffer.size() <= need ); From cfa5073a2c9186cbadb80086ab972eca1a17dbc9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dan=20=C4=8Cerm=C3=A1k?= Date: Sun, 5 Nov 2017 23:31:56 +0100 Subject: [PATCH 2/2] Added short explanation to internal function stringFormat --- src/image.cpp | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/image.cpp b/src/image.cpp index 701cc81d..c1279d34 100644 --- a/src/image.cpp +++ b/src/image.cpp @@ -998,6 +998,11 @@ namespace Exiv2 { size_t need = std::strlen(format); // initial guess int rc = -1; + // vsnprintf writes at most size (2nd parameter) bytes (including \0) + // returns the number of bytes required for the formatted string excluding \0 + // the following loop goes through: + // one iteration (if 'need' was large enough for the for formatted string) + // or two iterations (after the first call to vsnprintf we know the required length) do { buffer.resize(need + 1); va_list args; // variable arg list
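Review bot: The added `assert(rc >= 0);` is the only check on a failed vsnprintf call, and assert is compiled out when NDEBUG is defined, so a release build still carries a negative rc past this point unnoticed. The trailing comment also narrows the cause too far: vsnprintf can return a negative value for an output or encoding error, which may depend on the arguments rather than on the format string. I would keep the assert for debug builds, reword its comment to `// rc < 0 => vsnprintf reported an output/encoding error`, and make the failure exit explicit next to it with `if (rc < 0) break; // vsnprintf failed, do not retry`. What the function does with buffer after the loop is outside this hunk, so the handling that follows the `break` needs checking against the rest of stringFormat.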
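Review bot: The new comment block in the second patch documents only the success path of vsnprintf and has a duplicated word in `(if 'need' was large enough for the for formatted string)`. It should also state what a negative return means, because with rc < 0 the visible loop leaves `need` unchanged and exits without growing the buffer. On C runtimes whose vsnprintf predates the C99 contract, truncation itself is reported as a negative value, so the "one or two iterations" description appears to hold only for conforming implementations. Suggested wording for the two affected lines: `// returns the number of bytes required for the formatted string excluding \0, or a negative value on error` and `// one iteration (if 'need' was large enough for the formatted string)`. The loop body continues past the end of this hunk.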