strange crash in pjsip

On Thu, Jan 21, 2010 at 10:49 AM, Klaus Darilion
<klaus.mailinglists at pernau.at> wrote:
> Hi!
>
> I encounter a crash in pjsua_acc.c: pjsua_acc_create_uac_contact() function
> during:
> contact->slen = pj_ansi_snprintf(contact->ptr, PJSIP_MAX_URL_SIZE,
>             "%.*s%s<%s:%.*s%s%s%.*s%s:%d%s%.*s>%.*s",
>             (int)acc->display.slen,
>             acc->display.ptr,
>             (acc->display.slen?" " : ""),
>             ......
>
> When the account is configured without a user name (display name), then
> acc->display.slen will be 0 and acc->display.ptr will be uninitialized.
>
> When I build pjproject/QjSimple with an old mingw release (gcc3.4.5) then
> everything is fine, but if I build pjproject/QjSimple with mingw included in
> QtSDK2009.05 (gcc4.4.0) I get a segfault in
> c:\windows\system32\msvcrt.dll:strlen when creating the contact header.
>
> Questions:
> Is it allowed to call snprintf with an uninitialized pointer?

From what I read, if the length is zero, nothing is supposed to be
printed. I assume then that the function will not try to read anything
from the pointer, but I don't know for sure.

> Why does crash behavior depend on the used compiler? Isn't snprintf a
> Windows function?

Not sure actually, since snprintf() is not part of C89. And Visual C's
snprintf has an underscore prefix. So it could well be that you're
using gcc's snprintf() rather than Windows's. So then the problem is
with gcc's sprintf().

> When using gcc4.4.0 - why is strlen called although %.*s is specified?
>
> Anyway, solution would be to:
>
> PJ_DEF(void) pjsip_name_addr_init(pjsip_name_addr *name)
> {
>    name->vptr = &name_addr_vptr;
>    name->uri = NULL;
>    name->display.slen = 0;
>    name->display.ptr = NULL;
> }
>

Done in http://trac.pjsip.org/repos/ticket/1026#comment:3

Thanks
 Benny
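
An added example, not part of the original messages and not pjsip's code: a defensive way to format a pointer-plus-length string with `%.*s` that does not depend on how a given runtime's snprintf treats a zero precision. The `lstr` type, its helpers, `build_contact` and the sample values are hypothetical and constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical pointer+length string, standing in for a type like pj_str_t. */
typedef struct { const char *ptr; long slen; } lstr;

/* Defined empty state: NULL pointer, zero length (same idea as the init fix). */
static void lstr_init(lstr *s) { s->ptr = NULL; s->slen = 0; }

/* Precision for "%.*s": 0 unless the string is really populated. */
static int lstr_prec(const lstr *s)
{
    return (s->ptr != NULL && s->slen > 0) ? (int)s->slen : 0;
}

/* Pointer for "%.*s": always a valid array, so the call stays well defined
 * even on a runtime that dereferences the argument when the precision is 0. */
static const char *lstr_arg(const lstr *s)
{
    return lstr_prec(s) ? s->ptr : "";
}

/* Formats `display <sip:user@host:port>`.
 * Returns the length written, or -1 on error or truncation. */
static int build_contact(char *buf, size_t cap, const lstr *display,
                         const lstr *user, const char *host, int port)
{
    int n = snprintf(buf, cap, "%.*s%s<sip:%.*s%s%s:%d>",
                     lstr_prec(display), lstr_arg(display),
                     lstr_prec(display) ? " " : "",
                     lstr_prec(user), lstr_arg(user),
                     lstr_prec(user) ? "@" : "",
                     host, port);
    /* C99 returns the would-be length; some older runtimes return < 0. */
    return (n < 0 || (size_t)n >= cap) ? -1 : n;
}

int main(void)
{
    char buf[64];
    lstr display, user;
    lstr_init(&display);               /* account with no display name */
    lstr_init(&user);
    user.ptr = "1001"; user.slen = 4;  /* constructed sample values */
    if (build_contact(buf, sizeof buf, &display, &user, "192.0.2.10", 5060) > 0)
        puts(buf);
    return 0;
}
```

The precision also bounds the read when the source buffer is not NUL-terminated, which is the usual case for pointer-plus-length strings.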


