[PATCH] lib/util: Add optional format argument to timeval_str_buf()

Martin Schwenke martin at meltin.net
Thu Oct 9 04:05:40 MDT 2014


On Thu, 9 Oct 2014 07:59:43 +0200, Volker Lendecke
<Volker.Lendecke at SerNet.DE> wrote:

> On Thu, Oct 09, 2014 at 04:36:17PM +1100, Martin Schwenke wrote:
> > A simple patch to allow the format for most of the timeval_str_buf()
> > output to be optionally specified.  NULL means use the current default.
> > 
> > Please review and push if OK.
> 
> Hmm. Right now the timeval_str_buf function can be assumed to never fail,
> because timeval_buf is large enough. If we now add a format argument,
> it could easily overflow unnoticed. Is that what we want?

No.  Thanks for picking that up.  You'd have to be trying hard to
overflow 128 bytes of time string... but my code should have been
better... :-)

I'd be happy if it truncated instead of overflowing.  However,
strftime(3) doesn't provide such an option - it returns 0 and output
is undefined on potential overflow.

So, I'd be happy to either:

* Document a limitation (silent failure) and ensure that there can be
  no buffer overflow.  I think that would be enough given that the
  format is always provided by the calling code (i.e. it isn't user
  input) and the caller should be sensible.

* On overflow, return NULL.  The caller could choose to ignore the
  result, especially with the default format.

I guess the 2nd option is better.  Patch attached.  What do you think?

peace & happiness,
martin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: samba.patches
Type: application/octet-stream
Size: 3307 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20141009/b2df86e9/attachment.obj>
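
The second option discussed above (return NULL on overflow), sketched as an added example; it is not the attached patch and not Samba's code. The names time_str_checked, struct time_buf and TIME_BUF_LEN, the default format and the UTC conversion are assumptions made for this illustration.

```c
#include <stdio.h>
#include <string.h>
#include <time.h>

#define TIME_BUF_LEN 128            /* buffer size mentioned in the thread */
struct time_buf { char buf[TIME_BUF_LEN]; };

/*
 * Hypothetical helper, not Samba's timeval_str_buf(): format t (UTC) with a
 * caller-supplied strftime format. Returns dst->buf, or NULL if the result
 * does not fit. NULL fmt selects a default format assumed for this example.
 */
const char *time_str_checked(time_t t, const char *fmt, struct time_buf *dst)
{
    char xfmt[256];
    const struct tm *tm;
    size_t len;
    int n;

    fmt = (fmt != NULL) ? fmt : "%Y/%m/%d %H:%M:%S";
    /*
     * strftime() returns 0 both on overflow and for a legitimately empty
     * result. A one-byte sentinel in front of the format makes every
     * successful result non-empty, so 0 can only mean failure.
     */
    n = snprintf(xfmt, sizeof(xfmt), "x%s", fmt);
    if (n < 0 || (size_t)n >= sizeof(xfmt)) {
        return NULL;                /* format itself is too long */
    }
    tm = gmtime(&t);                /* not thread-safe; enough for a demo */
    if (tm == NULL) {
        return NULL;
    }
    len = strftime(dst->buf, sizeof(dst->buf), xfmt, tm);
    if (len == 0) {
        dst->buf[0] = '\0';         /* contents unspecified: never expose them */
        return NULL;
    }
    memmove(dst->buf, dst->buf + 1, len);   /* drop sentinel, keep the NUL */
    return dst->buf;
}

int main(void)
{
    struct time_buf tb;
    const char *s = time_str_checked(0, "%Y-%m-%dT%H:%M:%SZ", &tb);
    printf("%s\n", s != NULL ? s : "(format did not fit)");
    return 0;
}
```

The sentinel costs one byte of the buffer, so the longest result that fits is TIME_BUF_LEN - 2 characters.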

