Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

When and why can sprintf fail?

Tags:

c++

c

printf

widestring

I'm using swprintf to build a string into a buffer (using a loop among other things). 

const int MaxStringLengthPerCharacter = 10 + 1;
wchar_t* pTmp = pBuffer;
for ( size_t i = 0; i < nNumPlayers ; ++i)
{
    const int nPlayerId = GetPlayer(i);
    const int nWritten = swprintf(pTmp, MaxStringLengthPerCharacter, TEXT("%d,"), nPlayerId);
    assert(nWritten >= 0 );
    pTmp += nWritten;
}

*pTaskPlayers = '\0';

If during testing the assert never hits, can I be sure that it will never hit in live code? That is, do I need to check if nWritten < 0 and handle that, or can I safely assume that there won't be a problem?

Under which circumstances can it return -1? The documentation more or less just states "If the function fails". In one place I've read that it will fail if it can't match the arguments (i.e. the formatting string to the varargs) but that doesn't worry me.

I'm also not worried about buffer overrun in this case - I know the buffer is big enough.

like image 916
Srekel Avatar asked Jun 01 '10 08:06

Srekel

4 Answers

From the c99 standard:

The sprintf function returns the number of characters written in the array, not counting the terminating null character, or a negative value if an encoding error occurred.

This generally happens only with the multi-byte and wide character character set functions.

like image 134
paxdiablo Avatar answered Oct 05 '22 11:10

paxdiablo

It may fail with wrong format string, for example, which cannot happen in your case.

If buffer is not big enough, it may.

Otherwise, no reason for it to fail.

like image 37
Pavel Radzivilovsky Avatar answered Oct 05 '22 11:10

Pavel Radzivilovsky

In UNIX, it can fail:

 EILSEQ
       A wide-character code that does not  correspond  to  a
       valid character has been detected.

 EINVAL
       There are insufficient arguments.

EILSEQ has already been mentioned.

It may also fail, SIGSEGV, when the format specifier does not match the data - example using a %s format specifier with an int, 32 bit example:

int pdq=0xffffffff;
char tmp[32]={0x0};

sprintf(tmp, "%s", pdq);
like image 39
jim mcnamara Avatar answered Oct 05 '22 11:10

jim mcnamara

I believe there is another case where snprintf() cannot succeed. It does not appear to be mentioned in POSIX or the current Linux manpage.

Upon successful completion, the snprintf() function shall return the number of bytes that would be written to s had n been sufficiently large excluding the terminating null byte.

snprintf() returns int. But an input string could be larger than INT_MAX.

like image 42
sourcejedi Avatar answered Oct 05 '22 13:10

sourcejedi
Sign in to Comment

Related questions

Performing a pointer swap in a double-buffer multithread system
Rotating an image in C/C++
Read and write bytes from a file (c++)
Passing pointer to 2D array c++
Issue with Freetype and OpenGL
Template class, function specialization
Why can't I create a std::stack of std::ifstreams?
Retrieve time from the internet (bypassing PC clock)?
alternative to strdup
How to force a window to maintain a certain width/height ratio when resized
Overloading the QDataStream << and >> operators for a user-defined type
Alternate cause of BadImageFormatException in .NET Assembly?
C++ and Dependency Injection in unit testing
Displaying (rendering) HTML from a string in QT
Is there any standard delete functor?
What's the memory overhead for a single windows threads?
How to force Mac window to foreground?
Is it possible to use a DLL created using C# in an unmanaged VC++ application?
Visual Studio C++: Seeing the ASM code?
What do I need to include in my header file for ostream

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!