Solved

sscanf causing core dump

Posted on 2004-10-19
8
765 Views
Last Modified: 2010-04-15
I have come across a bit of code that uses sscanf.  The function containing it is as follwos,

void f_extract_n(char *string, SINT *value, short *ind, int len )
{
    char    tmp[30];

    memset(&tmp, 0, 30 );
    strncpy( tmp, string, len );
printf("calling sscanf\n");
    if ( (sscanf(tmp, "%d", (unsigned int) value )) == EOF )
        *ind   = -1;
printf("sscanf ok\n");

    return;
}

When run under AIX 4.3(32bit) it works fine (where value in tmp is "001108") but when run under AIX 5.2(64 bit) the sscanf is core dumping (same value of tmp).  If I remove the (unsigned int) cast it works ok.  Can anyone tell me why the (unsigned int) cast is causing the core dump?
0
Comment
Question by:DLyall
8 Comments
 
LVL 45

Expert Comment

by:Kdo
ID: 12346623

sscanf needs a target location to place the converted value.  In this case you're recasting an address into an integer!  C is dutifully placing the integer on the stack prior to calling sscanf() and using this value as the address to store the conversion.

I suspect that the recast to an int (32-bits?) is dropping the upper 32 bits of the 64-bit address in the *value parameter.


Kent
0
 
LVL 12

Expert Comment

by:stefan73
ID: 12346679
Hi DLyall,
Replace (unsigned int) by (unsigned long).


Cheers!

Stefan
0
 
LVL 45

Accepted Solution

by:
Kdo earned 500 total points
ID: 12346795

Hi Stephan,

That is still an implementation specific solution because the pointer is being recast to an integer.  And recasting it to be a pointer to an integer (or pointer to a long) is no better because the function header explicitly declares the value to be a pointer to a short.  sscanf() could overwrite something that it shouldn't if the variable is improperly recast.

The best solution is to simply throw away the recasting and let the C compiler (and libraries) work.


Kent
0
 
LVL 45

Expert Comment

by:Kdo
ID: 12346809

I suspect that the code should recast the return value of sscanf(), not the pointer being passed.

Kent
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 
LVL 48

Expert Comment

by:AlexFM
ID: 12347136
Out of topic: I wonder how this is working -

char    tmp[30];
memset(&tmp, 0, 30 );         // should be tmp and not &tmp
0
 
LVL 5

Expert Comment

by:van_dy
ID: 12347332
although memset(&tmp, 0, 30) is used wrongly, it can still work, only zeroing some other memory
0
 
LVL 45

Expert Comment

by:Kdo
ID: 12347378

I believe that the compiler will simply disregard the unnecessarey '&'.  Depending on the compiler options, it should produce a "superfluous '&'" warning.

Kent

0
 
LVL 6

Author Comment

by:DLyall
ID: 12347927
Cheers Kent

Removing the cast works on both the 32 and 64 bit environments.  Also I output the values of &tmp and tmp and they are the same so it looks like the & is ignored at compile time.

Thanks for your Help

Don
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Have you thought about creating an iPhone application (app), but didn't even know where to get started? Here's how: ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Important pre-programming comments: I’ve never tri…
Summary: This tutorial covers some basics of pointer, pointer arithmetic and function pointer. What is a pointer: A pointer is a variable which holds an address. This address might be address of another variable/address of devices/address of fu…
The goal of this video is to provide viewers with basic examples to understand recursion in the C programming language.
The goal of this video is to provide viewers with basic examples to understand how to use strings and some functions related to them in the C programming language.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now