Re: SIGSEGV, Segmentation fault.

[Martin Pala]

You are rigth. It truncates the string to "size" - last character is 
always '\0' (even if the string was longer then dst - test attached).

There is only one advantage when using "size+1" long dst - in special 
case where src is equal to dst, it won't truncate it, which is probably 
better.

Martin

Jan-Henrik Haukeland wrote:

> I'm not sure and I may be wrong, but from the top of my head I do not think
> this is a buffer-size problem i.e. it's not necessary to add 1 byte to the
> buffer when snprintf is used. The buffer is not going to get overrun and
> snprintf adds a '\0' char at the end of the buffer. The man page for *printf
> says:
>
>   sprintf  stores the output in the specified char array str
>   and snprintf limits number of characters written to str to
>   at  most  size (including terminating 0)...
>
> And as you can see in the strange string Igor got when he ran gdb,  the NUL
> char was added, the rest of the garble is normal (probably) since the string
> was uninitialized. It seems that the problem is vsnprintf and it fails (with
> malloc!?) because it has problems with the format string? Again from the man
> page:
>
>  For sprintf and snprintf, the behavior is also  undefined  if  the  output
>  *<[str>>  overlaps with one of the arguments.
>
> Undefined behaviour usually means SIGSEGV :-) So my two cents are on the
> vsnprintf statement and on the format argument. (I'm on windows right now and
> helping my brother building a house in another town so I cannot check the patch
> right now, but I'll be back next week).
>
> Cheers!
>
> Jan-Henrik
>
>  
>
> > -----Original Message-----
> > From: address@hidden
> > [mailto:address@hidden
> > Behalf Of Martin Pala
> > Sent: 20. mai 2003 21:45
> > To: This is the general mailing list for monit
> > Subject: Re: SIGSEGV, Segmentation fault.
> >
> >
> > This kind of error (i think it was the cause of problem) was in the
> > sources more then once - new patch which should generaly fix it
> > attached, please try it, Igor.
> >
> > Thanks,
> > Martin
> >
> > Martin wrote:
> >
> >    
> >
> > > Hi Igor,
> > >
> > > can you try attached patch?
> > >
> > > Thanks,
> > >
> > > Cheers,
> > > Martin
> > >
> > > ----- Původní zpráva -----
> > > Od: Igor Homyakov <address@hidden>
> > > Datum: úterý, 20. května 2003 v 9:32 dop.
> > > Předmět: SIGSEGV, Segmentation fault.
> > >
> > >
> > >
> > >      
> > >
> > > > address@hidden monit-3.2]# gdb ./monit
> > > > GNU gdb ALT Linux (5.2.1-alt2)
> > > > Copyright 2002 Free Software Foundation, Inc.
> > > > GDB is free software, covered by the GNU
> > > > General Public License, and you are
> > > > welcome to change it and/or distribute copies
> > > > of it under certain conditions.
> > > > Type "show copying" to see the conditions.
> > > > There is absolutely no warranty for GDB.
> > > > Type "show warranty" for details.
> > > > This GDB was configured as "i586-alt-linux"...
> > > > (gdb) break do_default
> > > > Breakpoint 1 at 0x804f09c: file monitor.c,
> > > > line 496.
> > > > (gdb) run
> > > > Starting program:
> > > > /home/homyakov/RPM/BUILD/monit-3.2/monit
> > > > [New Thread 1024 (LWP 14649)]
> > > > [Switching to Thread 1024 (LWP 14649)]
> > > >
> > > > Breakpoint 1, do_default () at monitor.c:496
> > > > 496       if(Run.isdaemon) {
> > > > (gdb) n
> > > > 498         if(do_wakeupcall()) {
> > > > (gdb) n
> > > > 504         log("Starting %s daemon\n", prog);
> > > > (gdb) s
> > > > log (format=0x80619e0 "Starting %s daemon\n")
> > > > at log.c:116
> > > > 116       ASSERT(format);
> > > > (gdb) s
> > > > 118       va_start(ap,format);
> > > > (gdb) n
> > > > 119       vsnprintf(msg, STRLEN, format, ap);
> > > > (gdb) n
> > > > 122       if(! Run.dolog) goto nolog;
> > > > (gdb) n
> > > > 124       if(Run.use_syslog) {
> > > > (gdb) n
> > > > 126         syslog(LOG_ERR|LOG_USER, "%s", msg);
> > > > (gdb) print msg
> > > > $1 = "Starting monit
> > > >
> > > >
> > > >
> > > >        
> > > daemon\n\0*???\177t?\004\bH5\a\b\220??\177\210??\177;?\004\b/var/run
> > >      
> > /mon\0\0\0\0id\0*???*x??*0??*???*???*\e\0?*?\232?*\220R?*\200N?*???\1
> > 77\216??*\235\035?*???*x??*0??*\0\0\0\0???*\0\0\0\00??*0??\177?D?*\e\
> > address@hidden(??\177uC\005\bH5\a\b\0\0\0\0(??\177L\214?
> > *L\214?*`\234?*"...(gdb)
> >    
> >
> > > n
> > >
> > >
> > >      
> > >
> > > > Program received signal SIGSEGV, Segmentation
> > > > fault.0x2ac6011a in malloc () from
> > > > /lib/libc.so.6(gdb) where
> > > > #0  0x2ac6011a in malloc () from /lib/libc.so.6
> > > > #1  0x2ac5fc7e in malloc () from /lib/libc.so.6
> > > > #2  0x2ac57997 in open_memstream () from
> > > > /lib/libc.so.6#3  0x2acb90a9 in vsyslog ()
> > > >        
> > > >
> > > > from /lib/libc.so.6
> > >      
> > >
> > > > #4  0x2acb8ebd in syslog () from /lib/libc.so.6
> > > > #5  0x0804d4f5 in log (format=0x80619e0
> > > > "Starting %s daemon\n") at log.c:126
> > > > #6  0x0804f0cf in do_default () at monitor.c:504
> > > > #7  0x0804ec5d in do_action (args=0x7ffff8f4)
> > > > at monitor.c:316
> > > > #8  0x0804e917 in main (argc=1,
> > > > argv=0x7ffff8f4) at monitor.c:96
> > > > #9  0x2ac0b652 in __libc_start_main () from
> > > > /lib/libc.so.6
> > > >
> > > > --
> > > > Igor Homyakov
> > > > <homyakov AT ramax.spb.ru>
> > > >
> > > >
> > > > --
> > > > To unsubscribe:
> > > > http://mail.nongnu.org/mailman/listinfo/monit-
> > > > general
> > > >
> > > >        
> >    
>
>
>
> --
> To unsubscribe:
> http://mail.nongnu.org/mailman/listinfo/monit-general
>  

#include <stdio.h>

int main() {

        char src[]= "aaaa";
        char dst[4];

        snprintf(dst, 4, "%s", src);

        printf("src: %s\n", src);
        printf("dst: %s\n", dst);

        return 0;

}