bogus BUFR string encoding
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
libECBUFR |
Fix Committed
|
Medium
|
cpb |
Bug Description
In a nutshell... bufr_value_
*However* the encoder operates under the assumption that len is the same as the descriptor datawidth. If the user *cough* naively believes that the len==strlen(buf), then encoder dumps some random chunk of memory into the output.
Besides being a potential buffer overflow, this breaks things like BUFR compression (see the "differs check" in bufr_put_
It also means more management overhead for API users... BufrValue objects are frequently used standalone, with the various set/get functions implicitly converting types as needed and generally hiding the BUFR type details. Requiring the caller to "know" the datawidth means they have to keep tables around everywhere.
Simplest fix is to introduce a
bufr_
function which implicitly blank pads output strings when the len < enclen.
Changed in libecbufr: | |
assignee: | nobody → cpb (chris-beauregard) |
Changed in libecbufr: | |
status: | New → Fix Committed |
importance: | Undecided → Medium |