[Rd] incorrect output and segfaults from sprintf with %*d (PR#13667)
Wacek Kusnierczyk
Waclaw.Marcin.Kusnierczyk at idi.ntnu.no
Fri Apr 24 14:40:08 CEST 2009
maechler at stat.math.ethz.ch wrote:
>
> vQ> sprintf has a documented limit on strings included in the output using the
> vQ> format '%s'. It appears that there is a limit on the length of strings included
> vQ> with, e.g., the format '%d' beyond which surprising things happen (output
> vQ> modified for conciseness):
> >>>
>
> vQ> ... and this limit is *not* documented.
>
> MM> well, it is basically (+ a few bytes ?)
> MM> the same 8192 limit that *is* documented.
>
> indeed, I was right with that..
>
hmm, i'd guess this limit is valid for all strings included in the
output with any format? not just %s (and, as it appears, undocumentedly
%d)?
> vQ> while snprintf would help avoid buffer overflow, it may not be a
> vQ> solution to the issue of confused output.
>
> MM> I think it would / will. We would be able to give warnings and
> MM> errors, by checking the snprintf() return codes.
>
> My current working code gives an error for all the above
> examples, e.g.,
>
> > sprintf('%9999d', 1)
> Error in sprintf("%9999d", 1) :
> required resulting string length 9999 is > maximal 8191
>
> it passes 'make check-devel' and I am inclined to commit that
> code to R-devel (e.g. tomorrow).
>
> Yes, the documentation will also have to be amended, but apart
> from that, would people see a big problem with the "8192" limit
> which now is suddenly of greater importance
> {{as I said all along; hence my question to Wacek (and the
> R-develers) if anybody found that limit too low}}
>
i didn't find the limit itself problematic. (so far?)
btw. (i do know what that means ;)), after your recent fix:
sprintf('%q%s', 1)
# Error in sprintf("%q%s", 1) :
# use format %f, %e, %g or %a for numeric objects
sprintf('%s', 1)
# [1] "1"
you may want to add '%s' (and '%x', and ...) to the error message. or
perhaps make it say sth like 'invalid format: ...'. the problem is not
that %q is not applicable to numeric, but that it is not a valid format
at all.
there's also an issue with the additional arguments supplied after the
format: any superfluous arguments are ignored (this is not documented,
as far as i can see), but they *are* evaluated nevertheless, e.g.:
sprintf('%d', 0, {print(1)})
# "1"
# [1] "0"
it might be a good idea to document this behaviour.
best,
vQ
vQ
More information about the R-devel
mailing list