From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,HEADER_SPAM autolearn=no autolearn_force=no version=3.4.4 X-Google-Language: ENGLISH,ASCII-7-bit X-Google-Thread: 103376,b30bd69fa8f63cb2 X-Google-Attributes: gid103376,public X-Google-Thread: fc772,b30bd69fa8f63cb2 X-Google-Attributes: gidfc772,public X-Google-ArrivalTime: 2003-06-09 16:48:32 PST Path: archiver1.google.com!news1.google.com!newsfeed.stanford.edu!logbridge.uoregon.edu!uwm.edu!rpi!not-for-mail From: "Balog Pal" Newsgroups: comp.lang.ada,comp.lang.c++.moderated Subject: Re: C bug of the day Date: 9 Jun 2003 19:50:49 -0400 Organization: LiB Sender: cppmods@netlab.cs.rpi.edu Message-ID: <3ee4e87f@andromeda.datanet.hu> References: NNTP-Posting-Host: netlab.cs.rpi.edu X-Original-Date: Mon, 9 Jun 2003 21:48:23 +0100 X-Submission-Address: c++-submit@netlab.cs.rpi.edu X-Auth: PGPMoose V1.1 PGP comp.lang.c++.moderated iQBVAwUAPuUdVEHMCo9UcraBAQEzjAH/U5/tfiY04NVRsx/bHhfDmAQI81qOWfBt K6lFfNVqXZWkGoJAo4R97wGvA1K+gkewkT6D26aNU0mfcuz6IxU9yA== =tzjm Xref: archiver1.google.com comp.lang.ada:38880 comp.lang.c++.moderated:68054 Date: 2003-06-09T19:50:49-04:00 List-Id: "Hyman Rosen" wrote in message news:sUUCa.41207$fT5.6121@nwrdny01.gnilink.net... > In this case, the program was trying to form an SQL command > for entering a row of data into a database table. Even though > the program is written in C++, the programmers apparently > decided that the way to produce the SQL was to format it into > a fixed-size buffer. Unfortunately, they decided to use '%f' > to format some floating-point numbers, and more unfortunately, > a situation arose in our data where a number was on the order > of 10**141. Boom! Microsoft's managed to have a similar bug in MFC 's CString::Format(). That supposed to return a corect string for the arguments. Internally they calculate the needed length for the format line, and some 128 bytes got assumed fot %f. Which spans to around 300. That waw in MSVC 5.0, corrected in 6.0. Look out for old mfc42.dll-s possibly still lingering. Paul [ Send an empty e-mail to c++-help@netlab.cs.rpi.edu for info ] [ about comp.lang.c++.moderated. First time posters: do this! ]