ImFormatString() Fixed an overflow handling bug with implementation of vsnprintf() that do not return -1 (#793)

docking
ocornut 9 years ago
parent 82768e05f3
commit 63d47bc5a4

@ -944,21 +944,30 @@ const char* ImStristr(const char* haystack, const char* haystack_end, const char
return NULL; return NULL;
} }
// MSVC version appears to return -1 on overflow, whereas glibc appears to return total count (which may be >= buf_size).
// Ideally we would test for only one of those limits at runtime depending on the behavior the vsnprintf(), but trying to deduct it at compile time sounds like a pandora can of worm.
int ImFormatString(char* buf, int buf_size, const char* fmt, ...) int ImFormatString(char* buf, int buf_size, const char* fmt, ...)
{ {
IM_ASSERT(buf_size > 0);
va_list args; va_list args;
va_start(args, fmt); va_start(args, fmt);
int w = vsnprintf(buf, buf_size, fmt, args); int w = vsnprintf(buf, buf_size, fmt, args);
va_end(args); va_end(args);
buf[buf_size-1] = 0; if (w == -1 || w >= buf_size)
return (w == -1) ? buf_size : w; w = buf_size - 1;
buf[w] = 0;
return w;
} }
int ImFormatStringV(char* buf, int buf_size, const char* fmt, va_list args) int ImFormatStringV(char* buf, int buf_size, const char* fmt, va_list args)
{ {
IM_ASSERT(buf_size > 0);
int w = vsnprintf(buf, buf_size, fmt, args); int w = vsnprintf(buf, buf_size, fmt, args);
buf[buf_size-1] = 0; if (w == -1 || w >= buf_size)
return (w == -1) ? buf_size : w; w = buf_size - 1;
buf[w] = 0;
return w;
} }
// Pass data_size==0 for zero-terminated strings // Pass data_size==0 for zero-terminated strings

Loading…
Cancel
Save