Comment 2 for bug 2056102

Pushkar Kulkarni (pushkarnk) wrote:

The problem lies in the snprintf() calls within the loop [1][2][3]:

-----

(void)snprintf(k[i], sizeof(k), "key%d", i);

-----

Variable k is defined as:

-----

char k[15][16]

-----

sizeof(k) is hence 15*16 = 240. This works for snprintf(k[0]...) only. For larger indices, a buffer overflow will result.

[1] https://git.launchpad.net/ubuntu/+source/wiredtiger/tree/examples/c/ex_async.c#n146
[2] https://git.launchpad.net/ubuntu/+source/wiredtiger/tree/examples/c/ex_async.c#n151
[3] https://git.launchpad.net/ubuntu/+source/wiredtiger/tree/examples/c/ex_async.c#n191
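
The size mismatch described in the comment above, worked through as an added example (not part of the original comment and not the wiredtiger source). It compares the bound passed to snprintf() with the bytes that actually remain from k[i] to the end of k, then fills the keys with the per-row bound sizeof(k[i]). The names ROWS, COLS, bytes_from_row, rows_with_oversized_bound and fill_keys are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define ROWS 15 /* matches char k[15][16] from the comment */
#define COLS 16

/* Bytes between the start of row i and the end of the whole array. */
static size_t bytes_from_row(size_t i) { return (ROWS - i) * COLS; }

/* Number of rows for which `bound` claims more space than remains from k[i]. */
static int rows_with_oversized_bound(size_t bound) {
    int n = 0;
    for (size_t i = 0; i < ROWS; i++)
        if (bound > bytes_from_row(i))
            n++;
    return n;
}

/* Corrected loop: each write is bounded by the row it targets, sizeof(k[i]) == 16.
 * Returns how many keys were truncated or failed to format. */
static int fill_keys(char (*k)[COLS]) {
    int bad = 0;
    for (int i = 0; i < ROWS; i++) {
        int n = snprintf(k[i], sizeof(k[i]), "key%d", i);
        if (n < 0 || (size_t)n >= sizeof(k[i]))
            bad++;
    }
    return bad;
}

int main(void) {
    char k[ROWS][COLS];
    printf("bound sizeof(k)=%zu is too large for %d of %d rows\n",
           sizeof(k), rows_with_oversized_bound(sizeof(k)), ROWS);
    printf("bound sizeof(k[0])=%zu is too large for %d rows\n",
           sizeof(k[0]), rows_with_oversized_bound(sizeof(k[0])));
    printf("truncated keys: %d, last key \"%s\" (%zu chars)\n",
           fill_keys(k), k[ROWS - 1], strlen(k[ROWS - 1]));
    return 0;
}
```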