caput of escaped strings to CHAR array send too large array count
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
EPICS Base |
Fix Released
|
Medium
|
Ralph Lange | ||
3.14 |
Fix Released
|
Medium
|
Ralph Lange | ||
3.15 |
Fix Released
|
Medium
|
Ralph Lange | ||
3.16 |
Fix Released
|
Medium
|
Ralph Lange |
Bug Description
When a string is written to a CHAR array, the array count is set to string length+1 (includes terminating 0 byte).
But when escape sequences are used, the byte count does not get adjusted. Thus a sequence like "\a" sends 3 bytes (7 0 0), not 2.
This is the piece of code in question (caput.c). See how the result of epicsStrnRawFro
if (charArrAsStr) {
count = len;
dbrType = DBR_CHAR;
ebuf = calloc(
}
} else {
The bug appeared together with the -S option (3.14.12 ?) and can still be found in 3.15.1.
The bug is relatively harmless because it simply sends too many trailing 0 bytes.
Related branches
description: | updated |
Changed in epics-base: | |
importance: | Undecided → Medium |
assignee: | nobody → Ralph Lange (ralph-lange) |
status: | New → Confirmed |
Changed in epics-base: | |
milestone: | none → 3.15.4 |
How many times can one short piece of code call strlen() on the same string?