Bogus snprintf error checking in

Bug #810272 reported by Laurynas Biveinis on 2011-07-14
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Percona Server moved to
Fix Released
Laurynas Biveinis
Fix Released
Laurynas Biveinis

Bug Description

The code reads
  std::size_t result_length= snprintf(buffer,buffer_size,format,second,microsecond);
  if(result_length < 0)
    /* Assume the result is overflowing */

The return type of snprintf is signed int, the type size_t is unsigned, thus the negative return values are lost and the if-clause is dead code, as warned by the compiler:

sql/ error: comparison of unsigned expression < 0 is always false

The second problem is that the code inside if-clause assumes that the error is that the string was truncated, which is wrong. If the string was truncated, then snprintf returns positive value that is larger than the specified output buffer size. The negative value is returned for other errors.

Related branches

Percona now uses JIRA for bug reports so this bug report is migrated to:

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers