13822 – fmemopen cannot handle wide chars

Bug 13822 - fmemopen cannot handle wide chars

Summary: fmemopen cannot handle wide chars

Status:	NEW

Alias:	None

Product:	glibc
Classification:	Unclassified
Component:	stdio (show other bugs)
Version:	unspecified

Importance:	P2 enhancement
Target Milestone:	---
Assignee:	Not yet assigned to anyone

URL:
Keywords:

Depends on:
Blocks:

Reported:	2012-03-08 09:11 UTC by Marek Polacek
Modified:	2019-02-01 12:55 UTC (History)
CC List:	3 users (show)

See Also:
Host:
Target:
Build:
Last reconfirmed:

Flags:	fweimer: security-

Attachments
Testcase. (229 bytes, text/x-csrc) 2012-03-08 09:11 UTC, Marek Polacek	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Marek Polacek 2012-03-08 09:11:20 UTC

Created attachment 6271 [details]
Testcase.

Attached testcase segfaults with Fedora 16 glibc and trunk as well.  The problem is that fgetws_unlocked calls _IO_getwline which is just
return _IO_getwline_info (fp, buf, n, delim, extract_delim, (wint_t *) 0);
however, in _IO_getwline_info is
_IO_ssize_t len = (fp->_wide_data->_IO_read_end
                   - fp->_wide_data->_IO_read_ptr);
whereas
(gdb) p fp->_wide_data
$6 = (struct _IO_wide_data *) 0x0

Comment 1 Siddhesh Poyarekar 2012-10-25 12:46:41 UTC

That's because fmemopen does not support wide character functions.  There's open_wmemstream that is a close replacement.

Comment 2 Marek Polacek 2012-10-25 13:10:40 UTC

Yes, but I think we shouldn't just segfault.

Comment 3 Siddhesh Poyarekar 2012-10-25 13:20:43 UTC

For that I guess it would be simple to make all the wide char functions return NULL if they're called on an fp with _mode == -1.

Comment 4 Rich Felker 2012-10-25 18:12:23 UTC

Per the standard, calling wide functions on a byte-oriented stream or byte functions on a wide-oriented stream is not an error; it's undefined behavior. Therefore, the crash is justified if the stream is byte-oriented.

However, I see nothing in the standard that requires or allows the stream obtained by fmemopen to be initially byte-oriented, so presumably the POSIX standard, as written, requires it to be initially unoriented. Unlike open_wmemstream, which generates a wchar_t string, I think the natural behavior for fmemopen if put in a wide-oriented mode would be to convert to multibyte characters, and work with file offsets in bytes, just like an ordinary file (this is the normal behavior for stream functions; the open_wmemstream behavior is pathological). This is how my implementation of fmemopen in musl works (not by design; just as a consequence of how our wide functions work).

Of course, if the glibc maintainers think fmemopen should return a byte-oriented stream, I would not object to this, but I think that calls for opening a defect report with the Austin Group and requesting that POSIX specify that fmemopen returns a byte-oriented stream, or at least that it MAY return a byte-oriented stream, in which case calling wide functions on it would invoke undefined behavior.

Comment 5 Florian Weimer 2019-02-01 12:55:37 UTC

At least in POSIX, open_wmemstream does not allow reading, so it is not a replacement for fmemopen.