fix snprintf_s tests

rurban · rurban · commit b93a09fe6c87 · 2017-08-25T11:06:29.000+02:00
many copy&amp;paste errors analog to sprintf_s
diff --git a/src/safeclib/snprintf_s.c b/src/safeclib/snprintf_s.c
@@ -30,14 +30,17 @@
 #include "safe_str_constraint.h"
 #include <stdarg.h>
 
+/* TODO: error when fmt contains %n, or encoding errors occur.
+ */
 
 /** 
  * @brief
  *    The snprintf_s function composes a string with same test that 
  *    would be printed if format was used on printf. Instead of being 
  *    printed, the content is stored in dest.
- *    At most dmax - 1 characters are written. The resulting
- *    character string will be terminated with a null character,
+ *    More than dmax - 1 characters might be written, so this variant is unsafe!
+ *    Always use sprintf_s instead.
+ *    The resulting character string will be terminated with a null character,
  *    unless dmax is zero. If dmax is zero, nothing is written and
  *    dest may be a null pointer, however the return value (number
  *    of bytes that would be written) is still calculated and
@@ -53,14 +56,13 @@
  * @param fmt   format-control string.
  * @param ...   optional arguments
  *
- * @return  On success the total number of characters written is returned. 
- * @return  On failure a negative number is returned. 
- * @return  If the buffer dest is too small for the formatted text,
- *          including the terminating null, then the buffer is set to an
- *          empty string by placing a null character at dest[0], and the
- *          invalid parameter handler is invoked.
- *          snprintf_s does not guarantees that the buffer will be
- *          null-terminated unless the buffer size is zero.
+ * @return Number of characters not including the terminating null
+ *         character (which is always written as long as buffer is not
+ *         a null pointer and bufsz is not zero and not greater than
+ *         RSIZE_MAX_STR), which would have been written to buffer if
+ *         bufsz was ignored, or a negative value if a runtime
+ *         constraints violation or an encoding error occurred.
+ *
  * @retval  ESNULLP when dest/fmt is NULL pointer
  * @retval  ESZEROL when dmax = 0
  * @retval  ESLEMAX when dmax > RSIZE_MAX_STR
diff --git a/tests/test_snprintf_s.c b/tests/test_snprintf_s.c
@@ -1,7 +1,6 @@
 /*------------------------------------------------------------------
  * test_snprintf_s
  *
- *
  *------------------------------------------------------------------
  */
 
@@ -33,7 +32,7 @@ int test_snprintf_s (void)
 
 /*--------------------------------------------------*/
 
-    rc = snprintf_s(str1, LEN, "%s", NULL);
+    rc = snprintf_s(str1, LEN, NULL, NULL);
     if (rc != ESNULLP) {
         debug_printf("%s %u   Error rc=%u \n",
                      __FUNCTION__, __LINE__,  rc);
@@ -64,7 +63,7 @@ int test_snprintf_s (void)
     strcpy(str2, "keep it simple");
 
     rc = snprintf_s(str1, 1, "%s", str2);
-    if (rc != ESUNTERM) {
+    if (rc != 14) {
         debug_printf("%s %u   Error rc=%u \n",
                      __FUNCTION__, __LINE__,  rc);
         errs++;
@@ -82,42 +81,37 @@ int test_snprintf_s (void)
     strcpy(str2, "keep it simple");
 
     rc = snprintf_s(str1, 2, "%s", str2);
-    if (rc != ESUNTERM) {
+    if (rc != 14) {
         debug_printf("%s %u   Error rc=%u \n",
                      __FUNCTION__, __LINE__,  rc);
         errs++;
     }
 
-    if (str1[0] != '\0') {
-        debug_printf("%s %u  Expected null  \n",
-                     __FUNCTION__, __LINE__);
-        errs++;
-    }
-
 /*--------------------------------------------------*/
 
-    strcpy(&str1[0], "aaaaaaaaaa");
-    strcpy(&str2[0], "keep it simple");
+    strcpy(str1, "aaaaaaaaaa");
+    strcpy(str2, "keep it simple");
 
     len1 = strlen(str1);
     len2 = strlen(str2);
 
     rc = snprintf_s(str1, 50, "%s", str2);
-    if (rc != EOK) {
+    if (rc != len2) {
         debug_printf("%s %u   Error rc=%u \n",
                      __FUNCTION__, __LINE__,  rc);
         errs++;
     }
 
     len3 = strlen(str1);
-    if (len3 != (len1+len2)) {
+    if (len3 != len2) {
         debug_printf("%s %u lengths wrong: %u  %u  %u \n",
                      __FUNCTION__, __LINE__, len1, len2, len3);
         errs++;
     }
 
 /*--------------------------------------------------*/
 
+    str1[0] = '\0';
     strcpy(str2, "keep it simple");
 
     rc = snprintf_s(str1, 5, "%s", str2);
@@ -140,27 +134,22 @@ int test_snprintf_s (void)
     strcpy(str2, "keep it simple");
 
     rc = snprintf_s(str1, 2, "%s", str2);
-    if (rc != ESNOSPC) {
+    if (rc != 14) {
         debug_printf("%s %u   Error rc=%u \n",
                      __FUNCTION__, __LINE__,  rc);
         errs++;
     }
 
-    if (str1[0] != '\0') {
-        debug_printf("%s %u  Expected null  \n",
-                     __FUNCTION__, __LINE__);
-        errs++;
-    }
-
 /*--------------------------------------------------*/
 
     str1[0] = '\0';
     strcpy(str2, "keep it simple");
 
     rc = snprintf_s(str1, 20, "%s", str2);
-    if (rc != EOK) {
+    if (rc <= 0) {
         debug_printf("%s %u   Error rc=%u \n",
                      __FUNCTION__, __LINE__,  rc);
+        errs++;
     }
 
     ind = strcmp(str1, str2);
@@ -176,7 +165,7 @@ int test_snprintf_s (void)
     str2[0] = '\0';
 
     rc = snprintf_s(str1, LEN, "%s", str2);
-    if (rc != EOK) {
+    if (rc != 0) {
         debug_printf("%s %u   Error rc=%u \n",
                      __FUNCTION__, __LINE__,  rc);
         errs++;
@@ -194,7 +183,7 @@ int test_snprintf_s (void)
     strcpy(str2, "keep it simple");
 
     rc = snprintf_s(str1, LEN, "%s", str2);
-    if (rc != EOK) {
+    if (rc <= 0) {
         debug_printf("%s %u   Error rc=%u \n",
                      __FUNCTION__, __LINE__,  rc);
         errs++;
@@ -213,13 +202,13 @@ int test_snprintf_s (void)
     strcpy(str2, "keep it simple");
 
     rc = snprintf_s(str1, LEN, "%s", str2);
-    if (rc != EOK) {
+    if (rc <= 0) {
         debug_printf("%s %u   Error rc=%u \n",
                      __FUNCTION__, __LINE__,  rc);
         errs++;
     }
 
-    ind = strcmp(str1, "qqweqqkeep it simple");
+    ind = strcmp(str1, "keep it simple");
     if (ind != 0) {
         debug_printf("%s %u   Error -%s- \n",
                      __FUNCTION__, __LINE__,  str1);
@@ -232,7 +221,7 @@ int test_snprintf_s (void)
     strcpy(str2, "keep it simple");
 
     rc = snprintf_s(str1, 12, "%s", str2);
-    if (rc != ESNOSPC) {
+    if (rc != 14) { /* sic! unsafe */
         debug_printf("%s %u   Error rc=%u \n",
                      __FUNCTION__, __LINE__,  rc);
         errs++;
@@ -244,13 +233,13 @@ int test_snprintf_s (void)
     strcpy(str2, "keep it simple");
 
     rc = snprintf_s(str1, 52, "%s", str2);
-    if (rc != EOK) {
+    if (rc <= 0) {
         debug_printf("%s %u   Error rc=%u \n",
                      __FUNCTION__, __LINE__,  rc);
         errs++;
     }
 
-    ind = strcmp(str1, "1234keep it simple");
+    ind = strcmp(str1, "keep it simple");
     if (ind != 0) {
         debug_printf("%s %u   Error -%s- \n",
                      __FUNCTION__, __LINE__,  str1);
@@ -262,32 +251,26 @@ int test_snprintf_s (void)
     strcpy(str1, "12345678901234567890");
 
     rc = snprintf_s(str1, 8, "%s", &str1[7]);
-    if (rc != ESOVRLP) {
+    if (rc != 13) {
         debug_printf("%s %u   Error rc=%u \n",
                      __FUNCTION__, __LINE__,  rc);
         errs++;
     }
 
-    if (str1[0] != '\0') {
-        debug_printf("%s %u  Expected null  \n",
-                     __FUNCTION__, __LINE__);
-        errs++;
-    }
-
 /*--------------------------------------------------*/
 
     strcpy(str1, "123456789");
 
     rc = snprintf_s(str1, 9, "%s", &str1[8]);
-    if (rc != ESOVRLP) {
+    if (rc != 1) { /* overlapping allowed */
         debug_printf("%s %u   Error rc=%u \n",
                      __FUNCTION__, __LINE__,  rc);
         errs++;
     }
-
-    if (str1[0] != '\0') {
-        debug_printf("%s %u  Expected null  \n",
-                     __FUNCTION__, __LINE__);
+    ind = strcmp(str1, "9");
+    if (ind != 0) {
+        debug_printf("%s %u   Error -%s- \n",
+                     __FUNCTION__, __LINE__,  str1);
         errs++;
     }
 
@@ -297,13 +280,13 @@ int test_snprintf_s (void)
     strcpy(str1, "keep it simple");
 
     rc = snprintf_s(str2, 31, "%s", &str1[0]);
-    if (rc != EOK) {
+    if (rc <= 0) {
         debug_printf("%s %u   Error rc=%u \n",
                      __FUNCTION__, __LINE__,  rc);
         errs++;
     }
 
-    ind = strcmp(str2, "123keep it simple");
+    ind = strcmp(str2, "keep it simple");
     if (ind != 0) {
         debug_printf("%s %u   Error -%s- \n",
                      __FUNCTION__, __LINE__,  str1);
@@ -316,13 +299,13 @@ int test_snprintf_s (void)
     strcpy(str1, "56789");
 
     rc = snprintf_s(str2, 10, "%s", str1);
-    if (rc != EOK) {
+    if (rc <= 0) {
         debug_printf("%s %u   Error rc=%u \n",
                      __FUNCTION__, __LINE__,  rc);
         errs++;
     }
 
-    ind = strcmp(str2, "123456789");
+    ind = strcmp(str2, "56789");
     if (ind != 0) {
         debug_printf("%s %u   Error -%s- \n",
                      __FUNCTION__, __LINE__,  str1);
