[reSIProcate] Issue compiling Security.cxx
Scott Godin
sgodin at sipspectrum.com
Tue Sep 10 10:06:54 CDT 2013
Fix is in. The commits were separated.
Regards,
Scott
On Tue, Sep 10, 2013 at 9:58 AM, Daniel Pocock <daniel at pocock.com.au> wrote:
>
> Hi Scott,
>
> I'll need the snprintf fix in a separate commit from any fix for the Data
> changes, because I will cherry-pick the snprintf stuff for the v1.8 branch
>
> Data changes are only for v1.9
>
> Regards,
>
> Daniel
>
>
>
> On 10/09/13 15:21, Scott Godin wrote:
>
> Thanks Dario - I've already made the same changes on my system and I'll be
> committing a fix. Looking at some other issues with latest Data changes as
> well on Visual Studio.
>
> Scott
>
>
> On Tue, Sep 10, 2013 at 9:13 AM, Dario Bozzali <Dario.Bozzali at ifmgroup.it>wrote:
>
>> Hello,
>>
>> I tried the patch, but it didn’t build using my environment. I had to
>> swap c99_vsnprintf and c99_snprintf order declaration/definition and I
>> had to add include of stdio.h file to have a successful build. See the
>> changed code below. I don’t know if my changes are the best solution.
>>
>> Best regards,
>>
>> Dario.
>>
>>
>>
>>
>>
>> #ifdef _MSC_VER
>>
>>
>>
>> #include <stdio.h>
>>
>>
>>
>> #define snprintf c99_snprintf
>>
>>
>>
>> inline int c99_vsnprintf(char* str, size_t size, const char* format,
>> va_list ap)
>>
>> {
>>
>> int count = -1;
>>
>>
>>
>> if (size != 0)
>>
>> count = _vsnprintf_s(str, size, _TRUNCATE, format, ap);
>>
>> if (count == -1)
>>
>> count = _vscprintf(format, ap);
>>
>>
>>
>> return count;
>>
>> }
>>
>>
>>
>> inline int c99_snprintf(char* str, size_t size, const char* format, ...)
>>
>> {
>>
>> int count;
>>
>> va_list ap;
>>
>>
>>
>> va_start(ap, format);
>>
>> count = c99_vsnprintf(str, size, format, ap);
>>
>> va_end(ap);
>>
>>
>>
>> return count;
>>
>> }
>>
>>
>>
>> #endif // _MSC_VER
>>
>>
>>
>> *From:* Daniel Pocock [mailto:daniel at pocock.com.au]
>> *Sent:* martedì 10 settembre 2013 13.25
>> *To:* Dario Bozzali
>> *Cc:* Adam Roach; resiprocate-devel at resiprocate.org
>> *Subject:* Re: [reSIProcate] Issue compiling Security.cxx
>>
>>
>>
>> On 09/09/13 20:03, Adam Roach wrote:
>>
>> On 9/9/13 11:23, Dario Bozzali wrote:
>>
>> I got the latest trunk revision of Resiprocate repository (10430), but
>> I’m facing an issue while compiling Security.cxx using Visual Studio 2005.
>>
>> In particular the error that I obtain is the following one:
>>
>> 1>.\ssl\Security.cxx(177) : error C3861: 'snprintf': identifier not found
>>
>> I think that it could be necessary to use _snprintf instead of snprintf
>> function, for example using a define like in the excerpt of code that I
>> reported below.
>>
>>
>> The problem here is that snprintf() guarantees null termination, while
>> Windows' _snprintf() does not (which can lead to some really nasty security
>> bugs). Because of this flaw, the general guidance that I offer is that no
>> one should ever use use Windows' _snprintf() -- it's fundamentally broken.
>>
>> I think what you really need to do is define a new function that wraps
>> _snprintf_s, with a "count" argument set to "_TRUNCATE".
>>
>>
>>
>> I just added one potential solution into rutil/compat.hxx
>>
>> Can you try updating to r10434 and test it?
>>
>>
>> _______________________________________________
>> resiprocate-devel mailing list
>> resiprocate-devel at resiprocate.org
>> https://list.resiprocate.org/mailman/listinfo/resiprocate-devel
>>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://list.resiprocate.org/pipermail/resiprocate-devel/attachments/20130910/baddb1f2/attachment.htm>
More information about the resiprocate-devel
mailing list