< Previous by Date Date Index Next by Date >
< Previous in Thread Thread Index Next in Thread >

Re: [reSIProcate] Issue compiling Security.cxx


Thanks Dario - I've already made the same changes on my system and I'll be committing a fix.  Looking at some other issues with latest Data changes as well on Visual Studio.

Scott


On Tue, Sep 10, 2013 at 9:13 AM, Dario Bozzali <Dario.Bozzali@xxxxxxxxxxx> wrote:

Hello,

I tried the patch, but it didn’t build using my environment. I had to swap c99_vsnprintf and c99_snprintf order declaration/definition and I had to add include of stdio.h file to have a successful build. See the changed code below. I don’t know if my changes are the best solution.

Best regards,

Dario.

 

 

#ifdef _MSC_VER

 

#include <stdio.h>

 

#define snprintf c99_snprintf

 

inline int c99_vsnprintf(char* str, size_t size, const char* format, va_list ap)

{

    int count = -1;

 

    if (size != 0)

        count = _vsnprintf_s(str, size, _TRUNCATE, format, ap);

    if (count == -1)

        count = _vscprintf(format, ap);

 

    return count;

}

 

inline int c99_snprintf(char* str, size_t size, const char* format, ...)

{

    int count;

    va_list ap;

 

    va_start(ap, format);

    count = c99_vsnprintf(str, size, format, ap);

    va_end(ap);

 

    return count;

}

 

#endif // _MSC_VER

 

From: Daniel Pocock [mailto:daniel@xxxxxxxxxxxxx]
Sent: martedì 10 settembre 2013 13.25
To: Dario Bozzali
Cc: Adam Roach; resiprocate-devel@xxxxxxxxxxxxxxx
Subject: Re: [reSIProcate] Issue compiling Security.cxx

 

On 09/09/13 20:03, Adam Roach wrote:

On 9/9/13 11:23, Dario Bozzali wrote:

I got the latest trunk revision of Resiprocate repository (10430), but I’m facing an issue while compiling Security.cxx using Visual Studio 2005.

In particular the error that I obtain is the following one:

1>.\ssl\Security.cxx(177) : error C3861: 'snprintf': identifier not found

I think that it could be necessary to use _snprintf instead of snprintf function, for example using a define like in the excerpt of code that I reported below.


The problem here is that snprintf() guarantees null termination, while Windows' _snprintf() does not (which can lead to some really nasty security bugs). Because of this flaw, the general guidance that I offer is that no one should ever use use Windows' _snprintf() -- it's fundamentally broken.

I think what you really need to do is define a new function that wraps _snprintf_s, with a "count" argument set to "_TRUNCATE".



I just added one potential solution into rutil/compat.hxx

Can you try updating to r10434 and test it?


_______________________________________________
resiprocate-devel mailing list
resiprocate-devel@xxxxxxxxxxxxxxx
https://list.resiprocate.org/mailman/listinfo/resiprocate-devel