Fix example/subsystem_netconf.c

Peter Stuge peter at
Sun Sep 12 22:39:20 CEST 2021

Hi Christian,

Christian Weisgerber via libssh2-devel wrote:
> In libssh2's example/subsystem_netconf.c, a pointer to a variable
> of the wrong size (on LP64) is passed.  Ouch.  The patch below fixes
> this and also eliminates the %n format specifier that is increasingly
> discouraged:

The example is intended to show how to use a subsystem, but I think
it's great if you can send a revised patch taking Yuriy's comment
into account.

> --- example/subsystem_netconf.c.orig
> +++ example/subsystem_netconf.c
> @@ -257,14 +257,14 @@ int main(int argc, char *argv[])
>      /* NETCONF: */
>      fprintf(stderr, "Sending NETCONF client <hello>\n");
> -    snprintf(buf, sizeof(buf),
> +    len = snprintf(buf, sizeof(buf),
>        "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n"
>        "<hello>"
>        "<capabilities>"
>        "<capability>urn:ietf:params:xml:ns:netconf:base:1.0</capability>"
>        "</capabilities>"
>        "</hello>\n"
> -      "]]>]]>\n%n", (int *)&len);
> +      "]]>]]>\n");

Here, something like the following is needed:

if (len >= sizeof buf)
  goto shutdown;

But please note that this is not portable. At least on Windows, the
snprintf() return value is different from e.g. Linux. So please
investigate what the actually correct fix is.

>      if(-1 == netconf_write(channel, buf, len))
>          goto shutdown;

A simpler fix may be to just add int msglen and continue using %n.



More information about the libssh2-devel mailing list