Always write the value to be formatted in hexadecimal, to make it easily
distinguishable from the buffer size and maximum line length.
Use consistent wording in the comments of the test cases. Be stricter
about mistakes in a format.
Fix some wrong numbers in the snprintb_m tests for limited line length.
Previously, these descriptions were only allowed on platforms where
plain 'char' is unsigned. On platforms where plain 'char' is signed,
they invoked undefined behavior or terminated the output early.
Always null-terminate the output in the buffer, even in error cases. The
wording in the manual page has been promising this since 2008. For
snprintb_m, ensure that the output is terminated with two null
characters, to gracefully handle situations in which the caller does not
check whether snprintb returned an error.
If the buffer size is zero, allow the buffer to be a null pointer,
analogous to snprintf.
Fix an out-of-bounds memory read if the bitfmt ends with a '*' directive
(since today).
In the tests, merge the helper functions for snprintb, snprintb_m, as
they were similar enough.
Fix a few 'line_max exceeded' tests, ensuring that they output a '#'
marker, and that the 'complete' tests don't.
Previously, these invoked undefined behavior, now they lead to an early
return. An example of out-of-bounds bit number is in SCZ_PCICTRL_BITS.
Bit fields that extend beyond the msb are still allowed.
Allow 'f' and 'F' to have fields that are 64 bits wide. This only makes
sense when the field starts at bit 0.
Remove the unused 'val_len', it was only needed before snprintb.c 1.20.
The manual page promises that the 'max' argument limits the length of
the generated strings, so don't generate any strings that are longer
than that limit. Mark incomplete strings with a trailing '#' to make
them easily recognizable.
Before t_snprintb.c 1.20, the buffer size was required to be greater
than zero. Allowing the buffer size to be zero led to buf[-1] being
checked. On amd64, that byte happened to be 0, on i386 it didn't.
Fixes PR lib/57951.
Due to the check that any bytes beyond the expected output must be
unmodified, there's no need anymore to explicitly write the "ZZZ" at the
end of the expected output. While here, remove the redundant trailing
"\0".
Add more tests to cover possible situations where an out-of-bounds write
may have occurred. In some cases, the line length specified in
snprintb_m is exceeded.
In the previous commit, I had accidentally only run the tests for
snprintb_m but not those for snprintb, thereby missing a newly
introduced bug that would not null-terminate the resulting strings.
Add more tests to cover similar situations in which the buffer is too
small to contain the complete output.
Test all number bases (octal, decimal, hexadecimal), in both old-style
and new-style formats, as well as small buffer sizes.
Document working edge cases such as empty descriptions or descriptions
containing spaces, as well as situations that invoke undefined behavior.
Add comments to the individual test cases, as reading the actual format
strings takes more time.
In case of a failure, print the details of the test case, including file
and line number of the actual test data. Do not write the format strings
directly to the output, as they contain non-printable bytes and embedded
null bytes.
After a failed test case, continue with the others.
Lay out the format strings according to their structure, to make them
more readable. Remove redundant "\0" at the end of the new-style format
strings.
Fix an off-by-one error in the test data: 0xf is FIFTEEN, not SIXTEEN.
Add a test for performing a restricted subset of rot13 in the format
string, to explore the limits of snprintb formatting.
What's still missing are tests for edge cases and error cases.
The F spec is one of those, it should be terminated with \0 just like all
the others (irrelevant that it has no extra data to delimit).
Fix <sys/mman.h> to define the snprintb() format string correctly (include
the missing \0's). Fix the copy of that definition included into
snprintb(3) to match the updated mman.h version (ride the date bump
from the day before yesterday .. this is the same change, just corrected).
Undo the previous snprintb.c change ("off by one" fix) which was an
attempt to make the broken mman.h usage work (and did, but not the way
it should be done). Also, after using the new * format (instead of only
when something has already matched) skip the associated data so we don't
attempt to interpret it as more field specifiers. This func needs lots of TLC!
Fix the ATF tests for snprintb() to not assume that F format is really
exactly like f format, and has data after the field specifier. It doesn't.
Add several more tests (including testing the '*' field operator
recently added).
Add 6 extra tests for the 12am/12pm bug - all currently expected to fail.
(That is, 6 subtests of the "times" test will fail, all new ones)>
While here, when parsedate() fails (returns -1) avoid converting that
failure value (-1) to a struct tm (1969-12-31T23:59:59 UTC) and then
comparing the values with those expected by the test, and complaining
about all of those (where ANY was not permitted) that don't match...
various dates over a span of a few decades, instead of just once
relative to the current date. This makes the test fail consistently
instead of sometimes failing and sometimes not depending on when
it is run. Makes PR lib/50574 consistently reproducible.
While here, improve the general legibility of the printout. Not
actually relevant to PR 50574, but anyone looking at that should be
aware of this change.
not 14. When evaluated on a Monday, it apparently means 13 days in the
future. There's not exactly a spec for parsedate.y, so conform to the
implementation.
PR 50574.
XXX: to me at least this is an odd notion of "next Sunday", but whatever...
particular it doesn't add a week if evaluating that on Wednesday.
Whether that's right is an open question, but there's not exactly a
spec for parsedate.y and there's no point having the test fail one
day in seven.
PR 50574.
rillig