SA-MP Forums Archive
Sscanf warning: String buffer overflow - Printable Version

+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP Scripting and Plugins (https://sampforum.blast.hk/forumdisplay.php?fid=8)
+--- Forum: Scripting Help (https://sampforum.blast.hk/forumdisplay.php?fid=12)
+--- Thread: Sscanf warning: String buffer overflow (/showthread.php?tid=304609)


Sscanf warning: String buffer overflow - hellangel - 19.12.2011

Let's suppose I have this:

pawn Код:
CMD:whisper(playerid, params[])
{
    new whisp[90];
    if(sscanf(params, "us[90]", giveplayerid, whisp)) return SendClientMessage //Blahblahblah whatever
    //Do something here
    return 1;
}
Well, it's a command. So, anybody can use it. Now, if the string text overpass the string size, the sscanf plugin prints this warning: sscanf warning: string buffer overflow.

Now, is there a way to avoid it BEFORE parsing the string with sscanf? Or is it normal to do this warning? I can see that sscanf cuts the string at the point, but are the warnings bad? Or can I just live with it?

Re: Sscanf warning: String buffer overflow - Hoborific - 19.12.2011

I am pretty sure this was fixed in sscanf2, How old is the version of sscanf your using? mine was from 03rd of November 2010, I had downloaded it but forgot to
pawn Код:
#include <sscanf>
 to 
#include <sscanf2>
up until two days ago. Imagine my face when half my problems instantly disappeared.

Re: Sscanf warning: String buffer overflow - hellangel - 19.12.2011

Quote:
Originally Posted by Hoborific
Посмотреть сообщение
I am pretty sure this was fixed in sscanf2, How old is the version of sscanf your using? mine was from 03rd of November 2010, I had downloaded it but forgot to
pawn Код:
#include <sscanf>
 to 
#include <sscanf2>
up until two days ago. Imagine my face when half my problems instantly disappeared.
Yeah, I use sscanf2.

Re: Sscanf warning: String buffer overflow - Scenario - 19.12.2011

Increase the string size in sscanf for the "whisp" variable, apparently 90 cells isn't enough!

Re: Sscanf warning: String buffer overflow - hellangel - 19.12.2011

Quote:
Originally Posted by RealCop228
Посмотреть сообщение
Increase the string size in sscanf for the "whisp" variable, apparently 90 cells isn't enough!
Duh, I know that, but as it's a command, there's always that MORON who will type dpfamdfsgposdifmbspofvibmxpocvibmxpoifgmspodifmgps odifmgpsodifmg just to fill in the entire space in the chatbox. This will overflow the array. So what? Would the only solution be increasing ALL of my strings' sizes to 128? I'm definitely not doing that and fucking my stack.

Re: Sscanf warning: String buffer overflow - Scenario - 19.12.2011

Quote:
Originally Posted by hellangel
Посмотреть сообщение
Duh, I know that, but as it's a command, there's always that MORON who will type dpfamdfsgposdifmbspofvibmxpocvibmxpoifgmspodifmgps odifmgpsodifmg just to fill in the entire space in the chatbox. This will overflow the array. So what? Would the only solution be increasing ALL of my strings' sizes to 128? I'm definitely not doing that and fucking my stack.
Have you ever coded something in a server before? Do you know how often I type messages over 128 characters? I'll answer that for you- VERY often! The maximum size of any strings sent to the client is 128 cells, you may as well allow people to use them all. Honestly, the main problem is creating a 5000 cell string and really only needing 100 cells of it.

See this for more information: https://sampforum.blast.hk/showthread.php?tid=55261

Re: Sscanf warning: String buffer overflow - hellangel - 19.12.2011

Quote:
Originally Posted by RealCop228
Посмотреть сообщение
Have you ever coded something in a server before? Do you know how often I type messages over 128 characters? I'll answer that for you- VERY often! The maximum size of any strings sent to the client is 128 cells, you may as well allow people to use them all. Honestly, the main problem is creating a 5000 cell string and really only needing 100 cells of it.

See this for more information: https://sampforum.blast.hk/showthread.php?tid=55261
I'ma talking about smaller strings, like an identifier, like "type enter to enter". A string to hold ENTER would need only 6 cells, so why would I make 128 cells for a string that needs only 6? Just to get around the warning?

Re: Sscanf warning: String buffer overflow - Scenario - 19.12.2011

Quote:
Originally Posted by hellangel
Посмотреть сообщение
I'ma talking about smaller strings, like an identifier, like "type enter to enter". A string to hold ENTER would need only 6 cells, so why would I make 128 cells for a string that needs only 6? Just to get around the warning?
You would just add a check underneath the sscanf line...?

pawn Код:
if(strlen(params) > 6)
     return 0;


Re: Sscanf warning: String buffer overflow - hellangel - 19.12.2011

Here's what I did originally (Yea yea I used godfather, moving on..)

pawn Код:
new x_nr[16];
    if(sscanf(params, "s[16] ", x_nr))
    {
        SendClientMessage(playerid, COLOR_YELLOW2, "USO: /irc [Nome]");
        SendClientMessage(playerid, COLOR_YELLOW2, "Nomes disponнveis: Entrar, MOTD, Senha, Precisasenha, Trancar, Kick, Status");
        return 1;
    }
    if(strlen(x_nr)) > 16) return SendClientMessage("blahblahblah");


Re: Sscanf warning: String buffer overflow - Calgon - 19.12.2011

It's a warning to you as a scripter to increase the size of your string, as it truncates the text. It's nothing you should consider serious really, as it manages the buffer overflow itself, it just warns you that it had to.