Perl dumper truncates DEFVALs with lots of BITS, causing perl syntax errors

There are two fixed-size buffers in this code path:
- getValueString's s[100]. This one is gaily overflowed, with sprintf(&s[strlen(s)], ...)
- fprint's s[200]. This one is not overflowed, but this overflow causes the syntax error, since fprint(f, "\"%s\"", getValueString(smiValue, smiType)); loses the trailing quote.
My workaround was to change them to s[500] and s[1000], respectively. A more robust workaround might be to output the trailing quote with a different fprint() call, so that a too-long value creates a valid perl program with invalid data. (I don't know if that's better or worse.)
If vasprintf() is available, fprint could use that to avoid a fixed-length buffer. I don't have any suggestions for getValueString's fixed-length buffer.
A good test case is POLICY-BASED-MANAGEMENT-MIB (RFC 4011)'s pmSchedDay.
Bill

On Mon, Mar 12, 2007 at 04:27:55PM -0800, Bill Fenner wrote:
> There are two fixed-size buffers in this code path:
> - getValueString's s[100]. This one is gaily overflowed, with sprintf(&s[strlen(s)], ...)
> - fprint's s[200]. This one is not overflowed, but this overflow causes the syntax error, since fprint(f, "\"%s\"", getValueString(smiValue, smiType)); loses the trailing quote.
> My workaround was to change them to s[500] and s[1000], respectively. A more robust workaround might be to output the trailing quote with a different fprint() call, so that a too-long value creates a valid perl program with invalid data. (I don't know if that's better or worse.)
> If vasprintf() is available, fprint could use that to avoid a fixed-length buffer. I don't have any suggestions for getValueString's fixed-length buffer.
This is a long-standing known bug. Since we introduced smiVasprintf() some time ago, which is essentially vasprintf(), I have simply changed all fprint()s to use a dynamically allocated string.
The getValueString() functions also should be changed to use a buffer that grows dynamically but this is more tricky to get done; so for now I just increased the buffer size - which is not really a fix. If there are boring sessions next week in Prague, I might find some time to hack together something more reasonable.
I have updated the svn repository.
/js
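
Added example, not part of the thread and not libsmi code: one way a value-string builder can grow its buffer instead of appending with sprintf(&s[strlen(s)], ...) into a fixed array, next to a check that reproduces the lost trailing quote. The names strbuf, sb_appendf, bits_value_string and fixed_buffer_keeps_quote are hypothetical; the "(a, b)" output format and the 200-byte truncating behaviour of the old fprint() are assumptions.

```c
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Growable string replacing the fixed s[100] pattern (hypothetical helper). */
struct strbuf { char *p; size_t len, cap; };

/* Append formatted text, growing the buffer as needed; 0 on success, -1 on error. */
static int sb_appendf(struct strbuf *b, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(NULL, 0, fmt, ap);      /* pass 1: measure */
    va_end(ap);
    if (n < 0) return -1;
    if (b->len + (size_t)n + 1 > b->cap) {
        size_t cap = (b->len + (size_t)n + 1) * 2;
        char *q = realloc(b->p, cap);
        if (!q) return -1;
        b->p = q; b->cap = cap;
    }
    va_start(ap, fmt);
    vsnprintf(b->p + b->len, (size_t)n + 1, fmt, ap);  /* pass 2: write */
    va_end(ap);
    b->len += (size_t)n;
    return 0;
}

/* Build "(name1, name2, ...)" for a BITS value (assumed format); caller frees. */
char *bits_value_string(const char *const *names, size_t count)
{
    struct strbuf b = {0};
    int rc = sb_appendf(&b, "(");
    for (size_t i = 0; i < count && rc == 0; i++)
        rc = sb_appendf(&b, "%s%s", i ? ", " : "", names[i]);
    if (rc == 0) rc = sb_appendf(&b, ")");
    if (rc != 0) { free(b.p); b.p = NULL; }
    return b.p;
}

/* Old fprint() shape, assumed to truncate at 200 bytes: 1 if the closing quote survives. */
int fixed_buffer_keeps_quote(const char *value)
{
    char s[200];
    snprintf(s, sizeof s, "\"%s\"", value);
    size_t n = strlen(s);
    return n > 1 && s[n - 1] == '"';
}
```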
Participants (2): Bill Fenner, Juergen Schoenwaelder