Implementation fixes

The printf(3) man page says "The functions snprintf() and vsnprintf() do
not write more than size bytes (including the terminating null byte
('\0')).  If the output was truncated due to this limit, then the return
value is the number of characters (excluding the terminating null byte)
which would have been written to the final string if enough space had been
available." The last part of this spec (returning the number of
characters which would have been written to the string if enough space
had been available) was not implemented in minimal-printf. This PR
changes that by redirecting all the processed characters through the
"minimal_printf_putchar" helper function. This function will not write
to the buffer if there's no space left, but it will always increment the
number of written characters, in order to match the above description.
minimal_printf_putchar also contains checks for overflows, so these
checks are no longer needed in the rest of the code.

Other changes:

- In some cases, mbed_minimal_formatted_string didn't put the string
  terminator in the output buffer. This PR ensures that this always
  happens.
- Fixed a bug in printed hexadecimal numbers introduced by a previous
  commit.
- Added buffer overflow tests for snprintf.

Author: bogdanm

features/minimal-printf/TESTS/minimal-printf/compliance/main.cpp

@@ -618,6 +618,7 @@ static control_t test_snprintf_x(const size_t call_count)
     return CaseNext;
 }
 
+#if MBED_CONF_MINIMAL_PRINTF_ENABLE_FLOATING_POINT
 static control_t test_printf_f(const size_t call_count)
 {
     int result_baseline;
@@ -672,6 +673,99 @@ static control_t test_snprintf_f(const size_t call_count)
 
     return CaseNext;
 }
+#endif
+
+
+/* Generic buffer overflow test function.
+ * Template parameters:
+    * 'T' is the type being tested
+    * 'buf_size' is the buffer size used in tests
+  * Function parameters:
+    * 'fmt' is the format to use for sprintf
+    * 'data' is the data that will be printed
+*/
+template<typename T, size_t buf_size>
+static control_t test_snprintf_buffer_overflow_generic(const char *fmt, T data)
+{
+    char buffer_baseline[buf_size];
+    char buffer_minimal[buf_size];
+    int result_baseline;
+    int result_minimal;
+
+    /* empty buffer test */
+    result_minimal = mbed_snprintf(buffer_minimal, 0, fmt, data);
+    result_baseline = snprintf(buffer_baseline, 0, fmt, data);
+    TEST_ASSERT_EQUAL_INT(result_baseline, result_minimal);
+
+    /* buffer isn't large enough, output needs to be truncated */
+    result_minimal = mbed_snprintf(buffer_minimal, buf_size - 2, fmt, data);
+    result_baseline = snprintf(buffer_baseline, buf_size - 2, fmt, data);
+    TEST_ASSERT_EQUAL_STRING(buffer_baseline, buffer_minimal);
+    TEST_ASSERT_EQUAL_INT(result_baseline, result_minimal);
+
+    /* buffer is one byte shorter than needed, string terminator must
+       be written and output must be truncated */
+    result_minimal = mbed_snprintf(buffer_minimal, buf_size - 1, fmt, data);
+    result_baseline = snprintf(buffer_baseline, buf_size - 1, fmt, data);
+    TEST_ASSERT_EQUAL_STRING(buffer_baseline, buffer_minimal);
+    TEST_ASSERT_EQUAL_INT(result_baseline, result_minimal);
+
+    /* buffer is just long enough */
+    result_minimal = mbed_snprintf(buffer_minimal, buf_size, fmt, data);
+    result_baseline = snprintf(buffer_baseline, buf_size, fmt, data);
+    TEST_ASSERT_EQUAL_STRING(buffer_baseline, buffer_minimal);
+    TEST_ASSERT_EQUAL_INT(result_baseline, result_minimal);
+
+    return CaseNext;
+}
+
+/* Based on the generic buffer overflow function above, create tests for
+   each relevant data type. In each case, the buffer for printing will only
+   be large enough to fit the printed data. */
+static control_t test_snprintf_buffer_overflow_d(const size_t call_count)
+{
+    return test_snprintf_buffer_overflow_generic<int, sizeof("d: -1024")>("d: %d", -1024);
+}
+
+static control_t test_snprintf_buffer_overflow_ld(const size_t call_count)
+{
+    return test_snprintf_buffer_overflow_generic<long, sizeof("ld: -1048576")>("ld: %ld", -1048576L);
+}
+
+static control_t test_snprintf_buffer_overflow_lld(const size_t call_count)
+{
+    return test_snprintf_buffer_overflow_generic<long long, sizeof("lld: -1099511627776")>("lld: %lld", -1099511627776LL);
+}
+
+static control_t test_snprintf_buffer_overflow_u(const size_t call_count)
+{
+    return test_snprintf_buffer_overflow_generic<unsigned int, sizeof("u: 1024")>("u: %u", 1024);
+}
+
+static control_t test_snprintf_buffer_overflow_lu(const size_t call_count)
+{
+    return test_snprintf_buffer_overflow_generic<unsigned long, sizeof("lu: 1048576")>("lu: %lu", 1048576UL);
+}
+
+static control_t test_snprintf_buffer_overflow_llu(const size_t call_count)
+{
+    return test_snprintf_buffer_overflow_generic<unsigned long long, sizeof("llu: 1099511627776")>("llu: %llu", 1099511627776ULL);
+}
+
+static control_t test_snprintf_buffer_overflow_x(const size_t call_count)
+{
+    return test_snprintf_buffer_overflow_generic<unsigned int, sizeof("x: 0x400")>("x: 0x%x", 0x400);
+}
+
+static control_t test_snprintf_buffer_overflow_lx(const size_t call_count)
+{
+    return test_snprintf_buffer_overflow_generic<unsigned long, sizeof("lx: 0x100000")>("lx: 0x%lx", 0x100000UL);
+}
+
+static control_t test_snprintf_buffer_overflow_llx(const size_t call_count)
+{
+    return test_snprintf_buffer_overflow_generic<unsigned long long, sizeof("llx: 0x10000000000")>("llx: 0x%llx", 0x10000000000ULL);
+}
 
 utest::v1::status_t greentea_setup(const size_t number_of_cases)
 {
@@ -690,6 +784,15 @@ Case cases[] = {
     Case("printf %f", test_printf_f),
     Case("snprintf %f", test_snprintf_f),
 #endif
+    Case("snprintf buffer overflow %d", test_snprintf_buffer_overflow_d),
+    Case("snprintf buffer overflow %ld", test_snprintf_buffer_overflow_ld),
+    Case("snprintf buffer overflow %lld", test_snprintf_buffer_overflow_lld),
+    Case("snprintf buffer overflow %u", test_snprintf_buffer_overflow_u),
+    Case("snprintf buffer overflow %lu", test_snprintf_buffer_overflow_lu),
+    Case("snprintf buffer overflow %llu", test_snprintf_buffer_overflow_llu),
+    Case("snprintf buffer overflow %x", test_snprintf_buffer_overflow_x),
+    Case("snprintf buffer overflow %lx", test_snprintf_buffer_overflow_lx),
+    Case("snprintf buffer overflow %llx", test_snprintf_buffer_overflow_llx),
 };
 
 Specification specification(greentea_setup, cases, greentea_test_teardown_handler);