Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: Limit the max output of printf #4496

Closed
wants to merge 1 commit into from
Closed

fix: Limit the max output of printf #4496

wants to merge 1 commit into from

Conversation

howjmay
Copy link
Contributor

@howjmay howjmay commented Mar 11, 2023

Closes #1879

@howjmay howjmay marked this pull request as ready for review March 11, 2023 13:40
@sylvestre
Copy link
Contributor

Clippy is not happy

@jfinkels
Copy link
Collaborator

I'm not sure this is solving the right problem. The linked issue is requesting the following behavior:

$ /usr/bin/printf '%.*d\n' 2147483648 0
/usr/bin/printf: invalid precision: ‘2147483648’

First, this pull request does not produce that error message. Second, it would need to fill a vector with a very long string just to get to that point. This would probably be more effectively implemented by just checking at the time of parsing the command-line arguments whether the number is 2^31 or greater. Also, it would benefit from a unit test in the tests/by-util/test_printf.rs file.

@howjmay
Copy link
Contributor Author

howjmay commented Mar 12, 2023

I'm not sure this is solving the right problem. The linked issue is requesting the following behavior:

$ /usr/bin/printf '%.*d\n' 2147483648 0
/usr/bin/printf: invalid precision: ‘2147483648’

First, this pull request does not produce that error message. Second, it would need to fill a vector with a very long string just to get to that point. This would probably be more effectively implemented by just checking at the time of parsing the command-line arguments whether the number is 2^31 or greater. Also, it would benefit from a unit test in the tests/by-util/test_printf.rs file.

So I should find if %.*d exist in the format patter? I am implementing in this way, since I found it quite hard to find escape character and corresponding parameter

@tertsdiepraam
Copy link
Member

This would probably be more effectively implemented by just checking at the time of parsing the command-line arguments whether the number is 2^31 or greater

Indeed, the goal here is that this number is so large that it's probably a user error and just writes a nonsensical amount of data. So we don't gain much if we still try to write it to a vec, which might also make printf run out of memory.

I am implementing in this way, since I found it quite hard to find escape character and corresponding parameter

Yeah that is quite difficult. I suppose it should be a check somewhere inside Memo, which already does most of the parsing.

@uutils uutils deleted a comment from github-actions bot Apr 28, 2023
@uutils uutils deleted a comment from github-actions bot Apr 28, 2023
@sylvestre
Copy link
Contributor

Clippy complains about:
ERROR: cargo clippy: this comparison involving the minimum or maximum element for this type contains a case that is always true or always false (file:'src/uucore/src/lib/features/memo.rs', line:121)

and format!() (should be easy)

@howjmay howjmay closed this Jun 4, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

printf does not have limits for the maximum value of its arguments
4 participants
@howjmay @sylvestre @jfinkels @tertsdiepraam