This is the mail archive of the ecos-devel@sourceware.org mailing list for the eCos project.
Re: Configtool segfaults
- From: Martin Laabs <martin dot laabs at mailbox dot tu-dresden dot de>
- To: eCos Developer List <ecos-devel at ecos dot sourceware dot org>
- Date: Fri, 07 Oct 2011 17:07:33 +0200
- Subject: Re: Configtool segfaults
- References: <4E8C5768.8090804@mailbox.tu-dresden.de>
- Reply-to: uni at martinlaabs dot de
Hello,
I compiled the configtool on my amd64 system (FreeBSD). After changing some
int* casts to intptr_t compiling the configtool worked. (Any interest in
the diff?)
However - starting the configtool out of a long directory led to a
segfault. I traced down the problem to the String::vFormat function:
void String::vFormat(LPCTSTR pszFormat, va_list marker)
{
  for(int nLength=100;nLength;) {
    TCHAR *buf=new TCHAR[1+nLength];
    int n=_vsntprintf(buf, nLength, pszFormat, marker );
    if(-1==n){
      nLength*=2; // NT behavior
    } else if (n<nLength){
      string::operator=(buf);
      nLength=0; // trigger exit from loop
    } else {
      nLength=n+1; // UNIX behavior generally, or NT behavior when buffer size exactly matches required length
    }
    delete [] buf;
  }
}
When the for-loop runs the second time (which occurs when the output string
is longer than 100 chars) the _vsntprintf function is called a second time.
This is not allowed because the va_list argument marker has already
been consumed during the first call.
Anyway - the coding style of this function seems to be somewhat strange.
Why use the "nLength=0; // trigger exit from loop" instead of calling
exit? However - I'm not very familiar with C++ so it might be the better
way to exit that loop.
Greetings,
Martin Laabs
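
The retry loop discussed in this message can be made safe by giving every formatting pass its own va_copy of the argument list, so the caller's va_list is never traversed twice. The following is an added example, not part of the original post or the eCos sources; the names format_retry and format, the 1 MiB cap and the sample strings are assumptions made for the illustration.

```cpp
// Added illustration; format_retry/format are hypothetical names, not eCos code.
#include <cstdarg>
#include <cstdio>
#include <string>
#include <vector>

// Formats into a growing buffer. Each vsnprintf call gets its own va_copy,
// so the caller's va_list is never read twice.
std::string format_retry(const char *fmt, va_list args)
{
    std::vector<char> buf(100);          // same initial guess as the posted code
    for (;;) {
        va_list attempt;
        va_copy(attempt, args);          // fresh copy for this pass
        int n = vsnprintf(buf.data(), buf.size(), fmt, attempt);
        va_end(attempt);

        if (n < 0) {
            // Pre-C99 runtimes report truncation as -1: grow and retry.
            if (buf.size() > (1u << 20)) // constructed 1 MiB cap: treat as an error
                return std::string();
            buf.resize(buf.size() * 2);
        } else if (static_cast<size_t>(n) < buf.size()) {
            return std::string(buf.data(), static_cast<size_t>(n));
        } else {
            buf.resize(static_cast<size_t>(n) + 1); // C99: n is the needed length
        }
    }
}

// Variadic wrapper used by the demo and the test.
std::string format(const char *fmt, ...)
{
    va_list args;
    va_start(args, fmt);
    std::string out = format_retry(fmt, args);
    va_end(args);
    return out;
}

int main()
{
    std::string dir(300, 'd');           // constructed long directory name
    std::string s = format("%s/%s-%d", dir.c_str(), "file.txt", 7);
    std::printf("%zu\n", s.size());      // forces at least one retry pass
    return 0;
}
```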