Ask Your Question
2

Client programs may crash by calling listAllAPIDataCSV of EnergyPlus API. [closed]

I found a bug in a source file of EnergyPlus/api/datatransfer.cc. (Version 22.2.0)

At the end of the definition of listAllAPIDataCSV function, there are following codes.

char *p = new char[std::strlen(output.c_str())];
std::strcpy(p, output.c_str());
return p;

I think that strcpy function copies null character after the string, so length of new char[] has to be strlen() + 1 byte or more.

yoshiwara's avatar
85
yoshiwara
asked 2023-01-15 23:24:24 -0500
Aaron Boranian's avatar
14.1k
Aaron Boranian
updated 2023-01-16 09:47:32 -0500
edit flag offensive 0 remove flag reopen merge delete

Closed for the following reason "the question is answered, right answer was accepted" by yoshiwara 2023-01-17 02:53:00 -0500

Comments

I think you are right. That said, this type of things should be best posted as an issue directly at https://github.com/NREL/EnergyPlus/is....

Julien Marrec's avatar Julien Marrec (2023-01-17 02:32:11 -0500) edit
more
  • delete

Thank you for posting this issue and quick fix.

yoshiwara's avatar yoshiwara (2023-01-17 02:51:50 -0500) edit
more
  • delete
add a comment see more comments

1 Answer

2

Posted as an issue here: https://github.com/NREL/EnergyPlus/is...

With a Pull request fixing it at https://github.com/NREL/EnergyPlus/pu...

Julien Marrec's avatar
29.7k
Julien Marrec
answered 2023-01-17 02:41:30 -0500
edit flag offensive 0 remove flag delete link
more

Comments

1

Thank you for posting this issue and quick fix.

yoshiwara's avatar yoshiwara (2023-01-17 02:54:30 -0500) edit
more
  • delete
add a comment see more comments