Skip to content

AsciiString::format_va is unsafe #826

New issue
New issue
Open
Bug
Open
AsciiString::format_va is unsafe#826
Bug
Labels
MinorSeverity: Minor < Major < Critical < BlockerStabilityConcerns stability of the runtime
@xezon

Description

@xezon
xezon
opened on May 7, 2025
void AsciiString::format_va(const AsciiString& format, va_list args)
{
	validate();
	char buf[MAX_FORMAT_BUF_LEN];
  if (_vsnprintf(buf, sizeof(buf)/sizeof(char)-1, format.str(), args) < 0)
			throw ERROR_OUT_OF_MEMORY;
	set(buf);
	validate();
}

https://learn.microsoft.com/en-us/cpp/c-runtime-library/reference/vsnprintf-vsnprintf-vsnprintf-l-vsnwprintf-vsnwprintf-l?view=msvc-170

vsnprintf function always writes a null terminator, even if it truncates the output. When you use _vsnprintf and _vsnwprintf, the buffer is null-terminated only if there's room at the end (that is, if the number of characters to write is less than count)

We either need to use vsnprintf with len(buf) or zero terminate buf with _vsnprintf with len(buf)-1

Metadata

Metadata

Assignees

No one assigned

    Labels

    MinorSeverity: Minor < Major < Critical < BlockerStabilityConcerns stability of the runtime

    Type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions