bug#9129: Built-in printf Sits Awkwardly with UDP.

[Jim Meyering]

retitle 9129 printf: RFE: reject field width larger than INT_MAX
tags 9129 notabug
thanks

Eric Blake wrote:
> [adding coreutils]
>
> On 07/20/2011 07:34 AM, Ralph Corderoy wrote:
>> BTW, the code for the built-in printf has a bug.  For negative
>> field-widths it negates a negative integer without checking it will fit.
>> E.g. on this 64-bit machine
>>
>>      $ printf '%-9223372036854775808s.\n' foo
>>      foo.
>>      $
>
> Coreutils' printf shares this misfortune.  Sadly, it might even be a
> bug in the underlying glibc printf(), although I haven't tried to
> write a test program to check that, yet.

This is not about a negative field width.
You can induce misbehavior without the "-".
The "-" is just the left-alignment option.
Compare these:

    $ printf '_%2s_\n' o
    _ o_
    $ printf '_%-2s_\n' o
    _o _

The trouble is that whenever you specify a field width larger than INT_MAX,
you enter into unspecified (or was it undefined?) territory.

Applications like printf or bash's built-in printf should be able
to detect and diagnose such questionable inputs before passing the
offending directive to an underlying *printf function.

I've marked this "not a bug" but have left the ticket open,
since I see it as a reasonable request for improvement.