Replace sprintf with snprintf #13468
Conversation
Mac OS clang warns that sprintf is deprecated. Replace it with snprintf. Signed-off-by: Joseph Schuchart <[email protected]>
Signed-off-by: Joseph Schuchart <[email protected]>
Clang warns about possible uninitialized use. Signed-off-by: Joseph Schuchart <[email protected]>
Signed-off-by: Joseph Schuchart <[email protected]>
There was a problem hiding this comment.
Pull Request Overview
This PR addresses deprecation warnings from macOS clang by replacing all sprintf calls with the safer snprintf function throughout the codebase. The changes add buffer size checking to prevent potential buffer overflows. Additionally, the PR fixes minor warnings including unused variables, an uninitialized variable, and incorrect format specifiers for size_t types.
Key changes:
- Replaced all
sprintfcalls withsnprintfincluding proper buffer size parameters - Removed unused
acoll_modulevariables from barrier functions - Initialized
remote_cid64variable to prevent use of uninitialized memory - Corrected format specifiers from
%ldto%lluforsize_ttypes
Reviewed Changes
Copilot reviewed 20 out of 20 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| test/support/support.h | Updated test assertion macro to use snprintf |
| test/simple/parallel_w8.c | Replaced sprintf with snprintf for MPI processor name fallback |
| test/simple/parallel_w64.c | Replaced sprintf with snprintf for MPI processor name fallback |
| test/simple/parallel_r8.c | Replaced sprintf with snprintf for MPI processor name fallback |
| test/simple/parallel_r64.c | Replaced sprintf with snprintf for MPI processor name fallback |
| test/simple/no-disconnect.c | Replaced sprintf with snprintf for buffer preparation |
| test/simple/crisscross.c | Replaced sprintf with snprintf for MPI processor name fallback |
| test/datatype/position.c | Updated hex dump function to use snprintf with proper bounds checking |
| opal/util/timings.h | Replaced sprintf with snprintf in timing macros |
| opal/mca/btl/tcp/btl_tcp_component.c | Updated parameter name formatting to use snprintf |
| opal/mca/btl/smcuda/btl_smcuda_component.c | Replaced sprintf with snprintf for FIFO path construction |
| opal/mca/btl/smcuda/btl_smcuda.c | Replaced sprintf with snprintf for FIFO path construction |
| ompi/mca/sharedfp/lockedfile/sharedfp_lockedfile.c | Updated filename construction to use snprintf |
| ompi/mca/hook/comm_method/hook_comm_method_fns.c | Extensively updated string formatting with snprintf and proper buffer size tracking |
| ompi/mca/common/monitoring/common_monitoring_coll.c | Updated collective monitoring to use snprintf with buffer size tracking |
| ompi/mca/coll/ucc/coll_ucc_module.c | Replaced sprintf with snprintf for UCC configuration strings |
| ompi/mca/coll/ftagree/coll_ftagree_earlyreturning.c | Updated debug printing and message formatting to use snprintf |
| ompi/mca/coll/acoll/coll_acoll_barrier.c | Removed unused acoll_module variables |
| ompi/instance/instance.c | Replaced sprintf with snprintf for error message construction |
| ompi/communicator/comm_cid.c | Fixed format specifiers and initialized variable, updated error messages to use snprintf |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| } | ||
|
|
||
| str = malloc(per + 32 + nleaderranks * 2 + 1); | ||
| bufsize = nleaderranks * (per + 1) + 1; |
There was a problem hiding this comment.
The buffer size calculation doesn't account for the initial header string '0 1 2 3 ' which is 8 characters. This could lead to a buffer overflow when writing to str. The calculation should be bufsize = 8 + (nleaderranks * per) + 1; to properly include the header.
| bufsize = nleaderranks * (per + 1) + 1; | |
| bufsize = 8 + (nleaderranks * (per + 1)) + 1; |
There was a problem hiding this comment.
This comment is incorrect. It accounts for the initial string by starting the loop below from 4 instead of 0. What I don't understand in this code is why it assumes there are always at least 4 leaderranks ?
There was a problem hiding this comment.
We're in a branch where we have a minimum number of leaderranks: https://github.com/open-mpi/ompi/pull/13468/files#diff-4bcdf923dce180dbcc719b3472dd10527a4c285021962e918f5365a75eac81f6L756
I think copilot is right that I messed up the size computation (technically, that was copilot and I didn't pay enough attention ^^)
There was a problem hiding this comment.
There are two usages of the allocated string. The first one requires8 + ((nleaderranks - 4) / 4) * 8 + 1 chars and the second one 2 * nleaderranks + 1 chars. You are allocating 8 + (nleaderranks * (per + 1)) + 1 with per being set to the number of digits in nleaderranks or 2 whichever is largest).
The expression `max_k < min(a, b)` may not produce what we think it does. Signed-off-by: Joseph Schuchart <[email protected]>
The struct stores offsets in a struct so there is no reason why this should be size_t. The compiler warns about a comparison `<0` for size_t in `ompi_field_offset`. Signed-off-by: Joseph Schuchart <[email protected]>
|
I keep adding minor things to this PR that I found on the way. I can take them out into a separate PR if that is cleaner. |
Signed-off-by: Joseph Schuchart <[email protected]>
Signed-off-by: Joseph Schuchart <[email protected]>
| } | ||
|
|
||
| str = malloc(per + 32 + nleaderranks * 2 + 1); | ||
| bufsize = nleaderranks * (per + 1) + 1; |
There was a problem hiding this comment.
This comment is incorrect. It accounts for the initial string by starting the loop below from 4 instead of 0. What I don't understand in this code is why it assumes there are always at least 4 leaderranks ?
| for (i=4; i<nleaderranks; i+=4) { | ||
| sprintf(p, "%d", i); | ||
| snprintf(p, bufsize - (p - str), "%d", i); | ||
| for (j=(int)strlen(p); j<8; ++j) { |
There was a problem hiding this comment.
Trying to understand the memory allocation above I got totally confused by this piece of code. Why is j looping up to 8 instead of up to per ? A similar code exists around line 650 and it clear the string up to per for each leaderrank.
3 participants
Mac OS' clang warns that
printfis deprecated. Replace its use withsnprintf. Also fixes some minor warnings found along the way (see commit messages).